CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2010-3477 – kernel: net/sched/act_police.c infoleak
https://notcve.org/view.php?id=CVE-2010-3477
21 Sep 2010 — The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. La función tcf_act_police_dump en net/sched/act_police.c del kernel Linux anterior ... • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=0f04cfd098fb81fded74e78ea1a1b86cc6c6c31e • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2010-3078 – kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak
https://notcve.org/view.php?id=CVE-2010-3078
21 Sep 2010 — The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. La función xfs_ioc_fsgetxattr en fs/xfs/linux-2.6/xfs_ioctl.c del kernel Linux anterior a v2.6.36-rc4 no inicializa apropiadamente ciertos miembros de estructura, lo que permite a usuarios locales obtener información potencialmente sensible de la pi... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a122eb2fdfd78b58c6dd992d6f4b1aaef667eef9 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2010-3067 – kernel: do_io_submit() infoleak
https://notcve.org/view.php?id=CVE-2010-3067
21 Sep 2010 — Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. Vulnerabilidad de desbordamiento de entero en la función do_io_submit en fs/aio.c del kernel Linux anterior a v2.6.36-rc4-next-20100915, permite a usuarios locales provocar una denegación de servicio o posiblemente tenga otro impacto sin especificar a través del uso... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=75e1c70fc31490ef8a373ea2a4bea2524099b478 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2010-3080 – kernel: /dev/sequencer open failure is not handled correctly
https://notcve.org/view.php?id=CVE-2010-3080
21 Sep 2010 — Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device. Vulnerabilidad de doble liberación en la función snd_seq_oss_open de sound/core/seq/oss/seq_oss_init.c en el kernel Linux anterior a v6.36-rc4 podría permitir a usuarios locales causar una denegación de servicio o posibl... • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=c598337660c21c0afaa9df5a65bb4a7a0cf15be8 • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0CVE-2010-2942 – kernel: net sched: fix some kernel memory leaks
https://notcve.org/view.php?id=CVE-2010-2942
21 Sep 2010 — The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sc... • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40be12f7d8ca1d387510d39787b12e512a7ce8 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2010-2492 – kernel: ecryptfs_uid_hash() buffer overflow
https://notcve.org/view.php?id=CVE-2010-2492
08 Sep 2010 — Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. Vulnerabilidad de desbordamiento de búfer en la macro ecryptfs_uid_hash en fs/ecryptfs/messaging.c del subsistema eCryptfs del kernel de Linux anterior a v2.6.35, podría permitir a a usuarios locales obtener privilegios o provocar una denegación de servicio (caída d... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6f80fb7b5986fda663d94079d3bba0937a6b6ff • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 36EXPL: 0CVE-2010-2798 – kernel: gfs2: rename causes kernel panic
https://notcve.org/view.php?id=CVE-2010-2798
08 Sep 2010 — The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c. La función gfs2_dirent_find_space en fs/gfs2/dir.c en el kernel de Linux anterior a v 2.6.35, usa un ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=728a756b8fcd22d80e2dbba8117a8a3aafd3f203 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2010-2803 – kernel: drm ioctls infoleak
https://notcve.org/view.php?id=CVE-2010-2803
08 Sep 2010 — The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount. La función drm_ioctl en drivers/gpu/drm/drm_drv.c en el subsistema Direct Rendering Manager (DRM) en el kernel de Linux anterior a v2.6.27.53, v2.6.32.x anterior ... • http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git%3Ba=commit%3Bh=1b2f1489633888d4a06028315dc19d65768a1c05 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2010-2495
https://notcve.org/view.php?id=CVE-2010-2495
08 Sep 2010 — The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors related to a routing change. La función pppol2tp_xmit en drivers/net/pppol2tp.c en la implementación L2TP en el kernel de Linux anterior a v2.6.34, no valida adecuadamente determinados... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3feec9095d12e311b7d4eb7fe7e5dfa75d4a72a5 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2010-2955 – kernel: wireless: fix 64K kernel heap content leak via ioctl
https://notcve.org/view.php?id=CVE-2010-2955
08 Sep 2010 — The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size. La función cfg80211_wext_giwessid en net/wireless/wext-co... • http://forums.grsecurity.net/viewtopic.php?f=3&t=2290 • CWE-193: Off-by-one Error •