CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2010-4157 – kernel: gdth: integer overflow in ioc_general()
https://notcve.org/view.php?id=CVE-2010-4157
10 Dec 2010 — Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call. Desbordamiento de entero en la función ioc_general en drivers/scsi/gdth.c en el kernel Linux, en versiones anteriores a la 2.6.36.1 en plataformas de 64-bit, permite a atacantes locales provocar una denegación de servicio (corrupción de me... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f63ae56e4e97fb12053590e41a4fa59e7daa74a4 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2010-3861 – kernel: heap contents leak from ETHTOOL_GRXCLSRLALL
https://notcve.org/view.php?id=CVE-2010-3861
10 Dec 2010 — The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value, a different vulnerability than CVE-2010-2478. La función ethtool_get_rxnfc en net/core/ethtool.c en el kernel Linux, en versiones anteriores a la 2.6.36 no inicializa un cierto bloque de memoria dinámica, lo que permite a usuar... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ae6df5f96a51818d6376da5307d773baeece4014 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 6CVE-2010-3904 – Linux Kernel Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2010-3904
06 Dec 2010 — The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls. La función rds_page_copy_user de net/rds/page.c en la implementación del protocolo "Reliable Datagram Sockets" (RDS) del kernel de Linux en versiones anteriores a la 2.6.36 no valida apropiadamente las... • https://packetstorm.news/files/id/155751 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2010-4080 – kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4080
30 Nov 2010 — The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call. La función snd_hdsp_hwdep_ioctl en sound/pci/rme9652/hdsp.c en el kernel de Linux anterior a v2.6.36-rc6 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información sensible de la pila de l... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e68d3b316ab7b02a074edc4f770e6a746390cb7d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2010-4082 – kernel: drivers/video/via/ioctl.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4082
30 Nov 2010 — The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call. La función viafb_ioctl_get_viafb_info en drivers/video/via/ioctl.c en el kernel de Linux anterior a v2.6.36-rc5 no inicializa correctamente un valor de una determinada estructura, lo que permite a usuarios locales obtener... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4aaa78f4c2f9cde2f335b14f4ca30b01f9651ca • CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2010-4083 – kernel: ipc/sem.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4083
30 Nov 2010 — The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4) SEM_STAT command in a semctl system call. La función copy_semid_to_user en ipc/sem.c en el kernel de Linux asntes de v2.6.36 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información potencialmente sensibl... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=982f7c2b2e6a28f8f266e075d92e19c0dd4c6e56 • CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2010-4081 – kernel: drivers/sound/pci/rme9652/hdspm.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4081
30 Nov 2010 — The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call. La función snd_hdspm_hwdep_ioctl en sound/pci/rme9652/hdspm.c en el kernel de Linux anterior a v2.6.36-rc6 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información sensible de la pila... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e68d3b316ab7b02a074edc4f770e6a746390cb7d • CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 2CVE-2010-3858 – Linux Kernel 2.6.37 - 'setup_arg_pages()' Denial of Service
https://notcve.org/view.php?id=CVE-2010-3858
30 Nov 2010 — The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240. La función setup_arg_pages en fs/exec.c en el kernel de Linux anterior a v2.6.36, cuando se utiliza CONFIG_STACK_GROWSD... • https://www.exploit-db.com/exploits/15619 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2010-4248 – kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
https://notcve.org/view.php?id=CVE-2010-4248
30 Nov 2010 — Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c. Una condición de carrera en la función __exit_signal en kernel/exit.c en el kernel de Linux anterior a v2.6.37-rc2 permite a usuarios locales causar una denegación de serv... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e0a70217107e6f9844628120412cb27bb4cea194 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2010-4078
https://notcve.org/view.php?id=CVE-2010-4078
29 Nov 2010 — The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. La función sisfb_ioctl de drivers/video/sis/sis_main.c del kernel de Linux en versiones anteriores a la 2.6.36-rc6 no inicializa apropiadamente un miembro de una determinada estructura, lo que permite a usuarios locales obtener info... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd02db9de73faebc51240619c7c7f99bee9f65c7 • CWE-909: Missing Initialization of Resource •