CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1010 – kernel: fs/partitions: Validate map_count in Mac partition tables
https://notcve.org/view.php?id=CVE-2011-1010
01 Mar 2011 — Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table. Desbordamiento de búfer en la función mac_partition en fs/partitions/mac.c en el kernel de Linux anteriores a v2.6.37.2, permite a usuarios locales causar una denegación de servicio (pánico) o posiblemente tener un impacto no especificado a través de una tabla de parti... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa7ea87a057958a8b7926c1a60a3ca6d696328ed • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2011-1017
https://notcve.org/view.php?id=CVE-2011-1017
01 Mar 2011 — Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table. Desbordamiento de búfer en memoria dinámica en la función ldm_frag_add en fs/partitions/ldm.c en el kernel de Linux v2.6.37.2 y anteriores, podría permitir a usuarios locales conseguir privilegios u obtener información sensible a través de una tabla de particiones LDM manipulada. • http://openwall.com/lists/oss-security/2011/02/23/16 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 5CVE-2011-1020 – Linux Kernel 2.6.32 (Ubuntu 10.04) - '/proc' Handling SUID Privilege Escalation
https://notcve.org/view.php?id=CVE-2011-1020
28 Feb 2011 — The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls. La implementación del sistema de ficheros proc en el Kernel de Linux v2.6.37 y anteriores no restringe el acceso a un proceso del árbol del directorio /proc después de realizar este ... • https://packetstorm.news/files/id/141912 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2011-1016 – kernel: drm/radeon/kms: check AA resolve registers on r300
https://notcve.org/view.php?id=CVE-2011-1016
28 Feb 2011 — The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values. El driver Radeon GPU en el Kernel de Linux anterior a v2.6.38-rc5 no valida adecuadamente datos relacionados con el registro AA resolve, lo que permite a usuarios locales escribir en lugares de memoria de su elecció... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2011-0999 – kernel: thp: prevent hugepages during args/env copying into the user stack
https://notcve.org/view.php?id=CVE-2011-0999
23 Feb 2011 — mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not prevent creation of a transparent huge page (THP) during the existence of a temporary stack for an exec system call, which allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact via a crafted application. mm/huge_memory.c en el kernel de Linux anterior a f2.6.38-rc5 no impide la creación de una transparent huge page (THP) durante la existencia de una pila temporal para una llamada al siste... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a7d6e4ecdb7648478ddec76d30d87d03d6e22b31 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2010-4649 – kernel: IB/uverbs: Handle large number of entries in poll CQ
https://notcve.org/view.php?id=CVE-2010-4649
18 Feb 2011 — Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member. Desbordamiento de enteros en la función ib_uverbs_poll_cq en drivers/InfiniBand/core/uverbs_cmd.c en el kernel de Linux antes de v2.6.37 permite a usuarios locales causar una denegación de servicio (corrupción de memoria) o posi... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7182afea8d1afd432a17c18162cc3fd441d0da93 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2011-1044 – kernel: IB/uverbs: Handle large number of entries in poll CQ
https://notcve.org/view.php?id=CVE-2011-1044
18 Feb 2011 — The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649. La función ib_uverbs_poll_cq en drivers/InfiniBand/core/uverbs_cmd.c en el kernel de Linux antes de v2.6.37 no inicializa determinado buffer de respuesta, lo que ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7182afea8d1afd432a17c18162cc3fd441d0da93 • CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2011-0710 – kernel: s390 task_show_regs infoleak
https://notcve.org/view.php?id=CVE-2011-0710
18 Feb 2011 — The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/. La función task_show_regs en arch/s390/kernel/traps.c en el kernel Linux antes de v2.6.38-rc4-next-20110216 en la plataforma s390 permite a usuarios locales obtener los valores de los registros de un proceso de su elección mediante la lectura del archivo del proc... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=261cd298a8c363d7985e3482946edb4bfedacf98 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2011-0712 – kernel: ALSA: caiaq - Fix possible string-buffer overflow
https://notcve.org/view.php?id=CVE-2011-0712
18 Feb 2011 — Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c. Múltiples desbordamientos de búfer en la funcionalidad caiaq Native Instruments USB audio en el kernel de... • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=eaae55dac6b64c0616046436b294e69fc5311581 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2011-0709
https://notcve.org/view.php?id=CVE-2011-0709
18 Feb 2011 — The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table. La función br_mdb_ip_get en net/bridge/ br_multicast.c en el kernel de Linux antes de v2.6.35-rc5 permite a atacantes remotos provocar una denegación de servicio (desreferencia a puntero nulo y caída del sistema) a través de un paquete IGMP, en relación con la fa... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7f285fa78d4b81b8458f05e77fb6b46245121b4e • CWE-476: NULL Pointer Dereference •