CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-28038 – Ubuntu Security Notice USN-4946-1
https://notcve.org/view.php?id=CVE-2021-28038
05 Mar 2021 — An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931. Se detectó un problema en el kernel de Linux versiones hasta 5.11.3, como es usada con Xen PV. • http://www.openwall.com/lists/oss-security/2021/03/05/1 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.5EPSS: 0%CPEs: 38EXPL: 0CVE-2020-35508 – kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
https://notcve.org/view.php?id=CVE-2020-35508
25 Feb 2021 — A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process. Se ha encontrado una posibilidad de fallo de condición de carrera y de inicialización incorrecta del id del proceso en el manejo del id del proceso child/parent del kernel de Linux mientras se filtran los manejadore... • https://bugzilla.redhat.com/show_bug.cgi?id=1902724 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-665: Improper Initialization •
CVSS: 7.2EPSS: 0%CPEs: 15EXPL: 0CVE-2014-0069 – kernel: cifs: incorrect handling of bogus user pointers during uncached writes
https://notcve.org/view.php?id=CVE-2014-0069
28 Feb 2014 — The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer. La función cifs_iovec_write en fs/cifs/file.c en el kernel de Linux hasta 3.13.5 no maneja debidamente opera... • http://article.gmane.org/gmane.linux.kernel.cifs/9401 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0886
https://notcve.org/view.php?id=CVE-2001-0886
21 Dec 2001 — Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. Desbordamiento de buffer en la función glob de glibc para Red Hat Linux 6.2 a 7.2, y otros sistemas operativos, permite a atacantes causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrarios mediante un patrón de glob que acaba en una llave "{" • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000447 •
CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 0CVE-1999-1346
https://notcve.org/view.php?id=CVE-1999-1346
07 Oct 1999 — PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file. • http://marc.info/?l=bugtraq&m=93942774609925&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1347
https://notcve.org/view.php?id=CVE-1999-1347
07 Oct 1999 — Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm. • http://marc.info/?l=bugtraq&m=93942774609925&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1348
https://notcve.org/view.php?id=CVE-1999-1348
30 Jun 1999 — Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service. • http://marc.info/?l=bugtraq&m=93220073515880&w=2 •