CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2008-3535 – kernel: fix off-by-one error in iov_iter_advance()
https://notcve.org/view.php?id=CVE-2008-3535
08 Aug 2008 — Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project. Error de superación del límite en la función iov_iter_advance de mm/filemap.c en Linux kernel versiones anteriores a 2.6.27-rc2 permite a usuarios locales provocar una denegación de servicio (ca... • http://mirror.celinuxforum.org/gitstat/commit-detail.php?commit=94ad374a0751f40d25e22e036c37f7263569d24c • CWE-193: Off-by-one Error •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2008-3272 – kernel snd_seq_oss_synth_make_info leak
https://notcve.org/view.php?id=CVE-2008-3272
08 Aug 2008 — The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information. La función snd_seq_oss_synth_make_info de sound/core/seq/oss/seq_oss_synth.c en el subsistema sound de Linux kernel versiones anteriores a 2.6.27-rc2 no verifica que el número de disposi... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=82e68f7ffec3800425f2391c8c86277606860442 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 17%CPEs: 296EXPL: 0CVE-2008-2750
https://notcve.org/view.php?id=CVE-2008-2750
18 Jun 2008 — The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash) and possibly have unspecified other impact via a crafted PPPOL2TP packet that results in a large value for a certain length variable. La función pppol2tp_recvmsg de drivers/net/pppol2tp.c en el kernel de Linux 2.6 anterior a 2.6.26-rc6, permite a atacantes remotos provocar una denegación de servicio (corrupción... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6b6707a50c7598a83820077393f8823ab791abf8 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 11%CPEs: 271EXPL: 0CVE-2008-1673
https://notcve.org/view.php?id=CVE-2008-1673
10 Jun 2008 — The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an in... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=33afb8403f361919aa5c8fe1d0a4f5ddbfbbea3c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 304EXPL: 0CVE-2008-1669 – kernel: add rcu_read_lock() to fcheck() in both dnotify, locks.c and fix fcntl store/load race in locks.c
https://notcve.org/view.php?id=CVE-2008-1669
08 May 2008 — Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table." El kernel de Linux en versiones posteriores a la 2.6.25.2, no aplica determinados mecanismos de protección para la funcionalidad fcntl, la cual permite a usuarios locales (1) ejecutar código en paralelo o (2) explotar una condición de carrera (race condition) para obt... • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 269EXPL: 3CVE-2008-1514 – kernel: ptrace: Padding area write - unprivileged kernel crash
https://notcve.org/view.php?id=CVE-2008-1514
26 Mar 2008 — arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions before 2.6.27-rc6, on s390 platforms allows local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference. El archivo arch/s390/kernel/ptrace.c en el kernel de Linux versión 2.6.9 y otras versiones anteriores a 2.6.27-rc6, en plataformas s390 permite a los usuarios locales causar una denegación de servicio (pánico del kernel) por medio d... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3d6e48f43340343d97839eadb1ab7b6a3ea98797 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 317EXPL: 0CVE-2007-6694 – /proc/cpuinfo DoS on some ppc machines
https://notcve.org/view.php?id=CVE-2007-6694
29 Jan 2008 — The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference. La función chrp_show_cpuinfo (chrp/setup.c) en Linux kernel 2.4.21 hasta 2.6.18-53, cuando funciona sobre PowerPC, podría permitir a usuarios locales provocar denegación de servicio (caida) a través de vectores desconocidos qu... • http://marc.info/?l=linux-kernel&m=119576191029571&w=2 • CWE-399: Resource Management Errors •
CVSS: 6.2EPSS: 0%CPEs: 191EXPL: 0CVE-2007-5093 – kernel PWC driver DoS
https://notcve.org/view.php?id=CVE-2007-5093
26 Sep 2007 — The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device. El método disconnect en el controlador Philips USB Webcam (pwc) e... • http://marc.info/?l=linux-kernel&m=118873457814808&w=2 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-3945
https://notcve.org/view.php?id=CVE-2007-3945
23 Jul 2007 — Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes. Rule Set Based Access Control (RSBAC) anterior a 1.3.5 no utiliza de forma adecuada el API Crypto Linux Kernel del Linux kernel 2.6.x, el permite a atacantes dependientes del contexto evitar con... • http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt •
CVSS: 7.5EPSS: 4%CPEs: 252EXPL: 0CVE-2007-2876 – nf}_conntrack_sctp: remotely triggerable NULL ptr dereference
https://notcve.org/view.php?id=CVE-2007-2876
11 Jun 2007 — The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference. La función sctp_new en (1) ip_conntrack_proto_sctp.c y (2) nf_conntrack_proto_sctp.c en Netfilter en Linux kernel 2.6 anterior a 2.6.20.13, y 2.6.21.x anterior a 2.6.21.4, permite a atacantes remotos provocar deneg... • http://marc.info/?l=linux-kernel&m=118128610219959&w=2 •