CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2010-4251 – kernel: unlimited socket backlog DoS
https://notcve.org/view.php?id=CVE-2010-4251
26 May 2011 — The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests. La implementación del socket en net/core/sock.c en el kernel de Linux anterior a v2.6.34 no maneja correctamente un retraso de los paquetes recibidos, que permite a atacantes remotos provocar una denegación de ser... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8eae939f1400326b06d0c9afe53d2a484a326871 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2011-1581 – kernel: bonding: Incorrect TX queue offset
https://notcve.org/view.php?id=CVE-2011-1581
26 May 2011 — The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic. La función bond_select_queue en drivers/net/bonding/bond_main.c en el kernel de Linux anteriores a v2... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd0e435b0fe85622f167b84432552885a4856ac8 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4805 – kernel: unlimited socket backlog DoS
https://notcve.org/view.php?id=CVE-2010-4805
26 May 2011 — The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_alloc socket field. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4251. La implementación del socket en net/core/sock.c en el kernel de Linux anteriores a v2.6.35 no maneja correctamente un... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c377411f2494a931ff7facdbb3a6839b1266bcf6 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2011-1598 – kernel: missing check in can/bcm and can/raw socket releases
https://notcve.org/view.php?id=CVE-2011-1598
09 May 2011 — The bcm_release function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation. La función bcm_release en net/can/bcm.c del kernel de linux en versiones anteriores a v2.6.39-rc6 no valida correctamente una estructura de toma de datos, lo cual permite a usuarios locales causar una denegación de servicio ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c6914a6f261aca0c9f715f883a353ae7ff51fe83 • CWE-476: NULL Pointer Dereference •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2011-1748 – kernel: missing check in can/bcm and can/raw socket releases
https://notcve.org/view.php?id=CVE-2011-1748
09 May 2011 — The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation. La función raw_release en net/can/raw.c en el Kernel de Linux anterior a v2.6.39-rc6 no valida adecuadamente una estructura de datos socket, lo que permite a usuarios locales provocar una denegación de servicio (desreferenci... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=10022a6c66e199d8f61d9044543f38785713cbbd • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 665EXPL: 0CVE-2011-1090 – kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab
https://notcve.org/view.php?id=CVE-2011-1090
09 May 2011 — The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a denial of service (panic) via a crafted attempt to set an ACL. La función __nfs4_proc_set_ac en fs/nfs/nfs4proc.c en el Kernel de Linux anterior a v.2.6.38 almacena datos NFSv4 ACL en memoria que es asignado por kmalloc pero no libera adecuadamente, lo que permite a usuarios locales provocar una denega... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e9e3d724e2145f5039b423c290ce2b2c3d8f94bc • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2011-1746 – kernel: agp: insufficient page_count parameter checking in agp_allocate_memory()
https://notcve.org/view.php?id=CVE-2011-1746
09 May 2011 — Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages. Multiples desbordamientos de enteros en las funciones agp_allocate_memory y agp_create_user_memory en los drivers /char/agp/g... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b522f02184b413955f3bc952e3776ce41edc6355 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1747
https://notcve.org/view.php?id=CVE-2011-1747
09 May 2011 — The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not properly restrict memory allocation by the (1) AGPIOC_RESERVE and (2) AGPIOC_ALLOCATE ioctls, which allows local users to cause a denial of service (memory consumption) by making many calls to these ioctls. El subsistema agp en el kernel de Linux v2.6.38.5 y anteriores no restringe correctamente la asignación de memoria por el ( 1 ) AGPIOC_RESERVE y ( 2 )AGPIOC_ALLOCATE ioctls , lo cual permite a usuarios locales causar una denegación de se... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b522f02184b413955f3bc952e3776ce41edc6355 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2011-2022 – kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls
https://notcve.org/view.php?id=CVE-2011-2022
09 May 2011 — The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745. La función agp_generic_remove_memory en los drivers /char/agp/generic.c del kernel de Linux con anterioridad a v2.6.38.5 no valida un parámetro de inicio determinado, lo que perm... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2011-1745 – kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls
https://notcve.org/view.php?id=CVE-2011-1745
09 May 2011 — Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call. Desbordamiento de enteros en la función agp_generic_insert_memory en los drivers /char/agp/generic.c del kernel de Linux con anterioridad a v2.6.38.5 permite a usuarios locales conseguir privilegios o causar una denegación de servicio ( fallo del sistema ) ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce • CWE-190: Integer Overflow or Wraparound •