CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2009-4895 – kernel: tty->pgrp races
https://notcve.org/view.php?id=CVE-2009-4895
08 Sep 2010 — Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_tty_queue and __f_setown functions. NOTE: the vulnerability was addressed in a different way in 2.6.32.9. Condición de carrera en la función tty_fasync en drivers/char/tty_io.c en el kernel de Linux v2.6.32.6, permite a usuarios locale... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=703625118069f9f8960d356676662d3db5a9d116 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2010-2803 – kernel: drm ioctls infoleak
https://notcve.org/view.php?id=CVE-2010-2803
08 Sep 2010 — The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount. La función drm_ioctl en drivers/gpu/drm/drm_drv.c en el subsistema Direct Rendering Manager (DRM) en el kernel de Linux anterior a v2.6.27.53, v2.6.32.x anterior ... • http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git%3Ba=commit%3Bh=1b2f1489633888d4a06028315dc19d65768a1c05 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2010-2495
https://notcve.org/view.php?id=CVE-2010-2495
08 Sep 2010 — The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors related to a routing change. La función pppol2tp_xmit en drivers/net/pppol2tp.c en la implementación L2TP en el kernel de Linux anterior a v2.6.34, no valida adecuadamente determinados... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3feec9095d12e311b7d4eb7fe7e5dfa75d4a72a5 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2010-2492 – kernel: ecryptfs_uid_hash() buffer overflow
https://notcve.org/view.php?id=CVE-2010-2492
08 Sep 2010 — Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. Vulnerabilidad de desbordamiento de búfer en la macro ecryptfs_uid_hash en fs/ecryptfs/messaging.c del subsistema eCryptfs del kernel de Linux anterior a v2.6.35, podría permitir a a usuarios locales obtener privilegios o provocar una denegación de servicio (caída d... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6f80fb7b5986fda663d94079d3bba0937a6b6ff • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 36EXPL: 0CVE-2010-2798 – kernel: gfs2: rename causes kernel panic
https://notcve.org/view.php?id=CVE-2010-2798
08 Sep 2010 — The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c. La función gfs2_dirent_find_space en fs/gfs2/dir.c en el kernel de Linux anterior a v 2.6.35, usa un ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=728a756b8fcd22d80e2dbba8117a8a3aafd3f203 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2010-2955 – kernel: wireless: fix 64K kernel heap content leak via ioctl
https://notcve.org/view.php?id=CVE-2010-2955
08 Sep 2010 — The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size. La función cfg80211_wext_giwessid en net/wireless/wext-co... • http://forums.grsecurity.net/viewtopic.php?f=3&t=2290 • CWE-193: Off-by-one Error •
CVSS: 7.8EPSS: 23%CPEs: 147EXPL: 0CVE-2010-2248 – kernel: cifs: Fix a kernel BUG with remote OS/2 server
https://notcve.org/view.php?id=CVE-2010-2248
07 Sep 2010 — fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite2 functions. Las funciones CIFSSMBWrite y CIFSSMBWrite2 de fs/cifs/cifssmb.c en la aplicación CIFS del kernel de Linux antes de v2.6.34-rc4 permiten a atacantes remotos provocar una denegación de servicio (mediant... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6513a81e9325d712f1bfb9a1d7b750134e49ff18 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 10.0EPSS: 15%CPEs: 149EXPL: 0CVE-2010-2521 – kernel: nfsd4: bug in read_buf
https://notcve.org/view.php?id=CVE-2010-2521
07 Sep 2010 — Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the read_buf and nfsd4_decode_compound functions. Múltiples desbordamientos de búfer en fs/nfsd/nfs4xdr.c en la aplicación XDR en el servidor NFS del kernel de Linux antes de v2.6.34-rc6 permiten a atacantes remotos provocar una dene... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2bc3c1179c781b359d4f2f3439cb3df72afc17fc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2010-2226 – kernel: xfs swapext ioctl minor security issue
https://notcve.org/view.php?id=CVE-2010-2226
03 Sep 2010 — The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. La función xfs_swapext en fs/xfs/xfs_dfrag.c en el kernel de Linux kernel anterior v2.6.35 no chequea adecuadamente los descriptores de archivo en SWAPEXT ioctl, lo que permiete a usuarios locales aprovechar el acceso de escritura y obtener acc... • http://archives.free.net.ph/message/20100616.130710.301704aa.en.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 24EXPL: 1CVE-2010-2240 – kernel: mm: keep a guard page below a grow-down stack segment
https://notcve.org/view.php?id=CVE-2010-2240
03 Sep 2010 — The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. La función do_anonymous_page en mm/memory.c en el kernel de Linux anterior v2.6.27.52, v2.6.32.x... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •