Page 483 of 2882 results (0.017 seconds)

CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 1

CVE-2012-2390 – kernel: huge pages: memory leak on mmap failure

https://notcve.org/view.php?id=CVE-2012-2390

Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations. Memoria no liberada (memory leak) en mm/hugetlb.c del kernel de Linux en versiones anteriores a la 3.4.2. Permite a usuarios locales provocar una denegación de servicio (consumo de la memoria o caída del sistema) a traves de operaciones mmap MAP_HUGETLB inválidas. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c50ac050811d6485616a193eb0f37bfbd191cc89 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.2 http://www.openwall.com/lists/oss-security/2012/05/23/14 http://www.ubuntu.com/usn/USN-1515-1 http://www.ubuntu.com/usn/USN-1535-1 https://bugzilla.redhat.com/show_bug.cgi?id=824345 https://github.com/torvalds/linux/commit/c50ac050811d6485616a193eb0f37bfbd191cc89 https://access.redhat.com/security&#x • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 2.1EPSS: 0%CPEs: 11EXPL: 1

CVE-2011-2208

https://notcve.org/view.php?id=CVE-2011-2208

Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call. Error de signo de entero en la función osf_getdomainname de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha permite a usuarios locales obtener información sensible de la memoria del kernel a través de una llamada modificada. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=21c5977a836e399fc710ff2c5367845ed5c2527f http://www.openwall.com/lists/oss-security/2011/06/15/7 https://github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f • CWE-189: Numeric Errors •

CVSS: 4.6EPSS: 0%CPEs: 9EXPL: 1

CVE-2012-2375 – kernel: incomplete fix for CVE-2011-4131

https://notcve.org/view.php?id=CVE-2012-2375

The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131. La función __nfs4_get_acl_uncached de fs/nfs/nfs4proc.c de la implementación NFSv4 del kernel de Linux en versiones anteriores a la 3.3.2 utiliza una variable de longitud incorrecta durante una operación de copia, lo que permite a servidores NFS remotos provocar una denegación de servicio (OOPS) enviando un número excesivo de bitmap words en una respuesta FATTR4_ACL. NOTA: esta vulnerabilida existe debido a una solución incompleta de CVE-2011-4131. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=20e0fa98b751facf9a1101edaefbc19c82616a68 http://marc.info/?l=bugtraq&m=139447903326211&w=2 http://rhn.redhat.com/errata/RHSA-2012-1580.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.2 http://www.openwall.com/lists/oss-security/2012/05/18/13 https://bugzilla.redhat.com/show_bug.cgi?id=822869 https://github.com/torvalds/linux/commit/20e0fa98b751facf9a1101edaefbc19c82616a68 https://access • CWE-189: Numeric Errors •

CVSS: 4.9EPSS: 0%CPEs: 12EXPL: 0

CVE-2012-2384 – kernel: drm/i915: integer overflow in i915_gem_do_execbuffer()

https://notcve.org/view.php?id=CVE-2012-2384

Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. Desbordamiento de entero en la función i915_gem_do_execbuffer de drivers/gpu/drm/i915/i915_gem_execbuffer.c del subsistema Direct Rendering Manager (DRM) del kernel de Linux en versiones anteriores a la 3.3.5 en plataformas de 32-bit. Permite a usuarios locales provocar una denegación de servicio (escritura fuera del límite) o posiblemente tener otros inpactos sin especificar a través de una llamada ioctl modificada. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=44afb3a04391a74309d16180d1e4f8386fdfa745 http://marc.info/?l=bugtraq&m=139447903326211&w=2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5 http://www.openwall.com/lists/oss-security/2012/05/22/8 http://www.securityfocus.com/bid/53971 https://bugzilla.redhat.com/show_bug.cgi?id=824178 https://github.com/torvalds/linux/commit/44afb3a04391a74309d16180d1e4f8386fdfa745 https://access.redhat.com • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •

CVSS: 1.2EPSS: 0%CPEs: 22EXPL: 1

CVE-2012-2313 – kernel: unfiltered netdev rio_ioctl access by users

https://notcve.org/view.php?id=CVE-2012-2313

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. La función rio_ioctl de drivers/net/ethernet/dlink/dl2k.c del kernel de Linux en versiones anteriores a la 3.3.7 no restringe el acceso al comando SIOCSMIIREG, lo que permite a usuarios locales escribir datos a un adaptador Ethernet a través de una llamada ioctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://marc.info/?l=bugtraq&m=139447903326211&w=2 http://rhn.redhat.com/errata/RHSA-2012-1174.html http://rhn.redhat.com/errata/RHSA-2012-1481.html http://rhn.redhat.com/errata/RHSA-2012-1541.html http://rhn.redhat.com/errata/RHSA-2012-1589.html http://www.kernel.org/pub/linux/ke • CWE-264: Permissions, Privileges, and Access Controls •