CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 1CVE-2011-1476
https://notcve.org/view.php?id=CVE-2011-1476
21 Jun 2012 — Integer underflow in the Open Sound System (OSS) subsystem in the Linux kernel before 2.6.39 on unspecified non-x86 platforms allows local users to cause a denial of service (memory corruption) by leveraging write access to /dev/sequencer. Un desbordamiento de entero en el subsistema 'Open Sound System' (OSS) del kernel de Linux en versiones anteriores a v2.6.39 en plataformas no-x86 permite a usuarios locales provocar una denegación de servicio (corrupción de memoria) mediante el aprovechamiento del acceso... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 1CVE-2011-1023 – kernel: BUG_ON() in rds_send_xmit()
https://notcve.org/view.php?id=CVE-2011-1023
21 Jun 2012 — The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service (BUG_ON and system crash) via vectors involving (1) a loopback (aka loop) transmit operation or (2) an InfiniBand (aka ib) transmit operation. El subsistema 'Reliable Datagram Sockets' (SDR) del kernel de Linux en versiones anteriores a v2.6.38 no gestiona correctamente las actualizaciones del mapa de congestiones, lo que permi... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2011-4324 – kernel: nfsv4: mknod(2) DoS
https://notcve.org/view.php?id=CVE-2011-4324
21 Jun 2012 — The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem. La función de encode_share_access fs/nfs/nfs4xdr.c en versiones del kernel de Linux anteriores a v2.6.29 permite a usuarios locales provocar una denegación de servicio (caída del sistema) mediante el uso de la llamada al sistema 'mknod' con una ruta de acceso en un sistema de archiv... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29 •
CVSS: 7.5EPSS: 4%CPEs: 10EXPL: 4CVE-2012-2127
https://notcve.org/view.php?id=CVE-2012-2127
21 Jun 2012 — fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd. fs/proc/root.c en las implementaciones de procfs del kernel de Linux anteriores a v3.2 no interactua adecuadamente con las llamadas al sistema de CLONE_NEWPID, lo... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=905ad269c55fc62bee3da29f7b1d1efeba8aa1e1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2010-4250 – Linux Kernel 2.6.x - 'inotify_init()' Memory Leak Local Denial of Service
https://notcve.org/view.php?id=CVE-2010-4250
21 Jun 2012 — Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files. Una vulnerabilidad de pérdida de memoria en la función inotify_init1 en fs/notify/inotify/inotify_user.c en versiones del kernel de Linux anteriores a v2.6.37 permite a usuarios locales provocar una denegación de servicio (por excesivo consumo de memoria) a través de vectores... • https://www.exploit-db.com/exploits/35013 • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.8EPSS: 2%CPEs: 17EXPL: 1CVE-2011-1493
https://notcve.org/view.php?id=CVE-2011-1493
21 Jun 2012 — Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that specifies a large number of digipeaters, and then sending this data to a ROSE socket. Un error de indice de array en la función rose_parse_national en net/rose/rose_subr.c en versiones del kernel de Linux anteriores a v2.6.39 permite a at... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1080 – kernel: ebtables stack infoleak
https://notcve.org/view.php?id=CVE-2011-1080
21 Jun 2012 — The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line. La función de do_replace en net/bridge/netfilter/ebtables.c en versiones del kernel de Linux anteriores a v2.6.39 no garantiza que un nombre de campo ... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2011-1021 – Linux Kernel < 2.6.37-rc2 - 'ACPI custom_method' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2011-1021
21 Jun 2012 — drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347. drivers/acpi/debugfs.c en el kernel de Linux antes de v3.0 permite a usuarios locales modificar posiciones de memoria del kernel de su elección aprovechandose de los privilegios de root para escribir en el archivo /sys/kernel/... • https://www.exploit-db.com/exploits/15774 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1079 – kernel: bnep device field missing NULL terminator
https://notcve.org/view.php?id=CVE-2011-1079
21 Jun 2012 — The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command. La función de bnep_sock_ioctl en net/bluetooth/bnep/sock.c en versiones del kernel de Linux anteriores a v2.6.39 no garantiza que un campo de dispositivo determinado termine... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 63EXPL: 1CVE-2012-0028 – kernel: futex: clear robust_list on execve
https://notcve.org/view.php?id=CVE-2012-0028
21 Jun 2012 — The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process. La implementación de robust futex en el kernel de Linux antes de v2.6.28 no maneja adecuadamente los procesos que realizan llamadas Exec System Recovery, lo que permite a usuarios locales provocar una denegación de servicio o posiblemente obtener p... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28 • CWE-264: Permissions, Privileges, and Access Controls •