CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 3CVE-2012-1146
https://notcve.org/view.php?id=CVE-2012-1146
The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events. La función mem_cgroup_usage_unregister_event en mm/memcontrol.c en el núcleo de Linux anteriores a v3.2.10 no maneja apropiadamente múltiples eventos que son asociados al mismo eventfd, lo cual permite a usuarios locales causar una denegación de servicio (puntero nulo sin referencia y caída del sistema) o posiblemente tener un impacto no especificado por el registro de eventos en el límite de la memoria. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=371528caec553785c37f73fa3926ea0de84f986f http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075781.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html http://secunia.com/advisories/48898 http://secunia.com/advisories/48964 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10 http://www.openwall.com/lists/oss-security/2012/03/07/3 https://bugzilla.redhat • CWE-476: NULL Pointer Dereference •
CVSS: 5.7EPSS: 0%CPEs: 10EXPL: 0CVE-2012-1090 – kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount
https://notcve.org/view.php?id=CVE-2012-1090
The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO. La función cifs_lookup en fs/cifs/dir.c en el núcleo de Linux anteriores a v3.2.10 permite a usuarios locales causar una denegación de servicio (OOPS) a través de intentos de acceso a un archivo especial, como lo demuestra un FIFO. • http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html http://rhn.redhat.com/errata/RHSA-2012-0481.html http://rhn.redhat.com/errata/RHSA-2012-0531.html http://secunia.com/advisories/48842 http://secunia.com/advisories/48964 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10 http://www.openwall.com/lists/oss-security/2012/02/28/4 https://bugzilla.redhat.com/show • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2010-4650
https://notcve.org/view.php?id=CVE-2010-4650
Buffer overflow in the fuse_do_ioctl function in fs/fuse/file.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging the ability to operate a CUSE server. Un desbordamiento de búfer en la función fuse_do_ioctl en fs/fusible/file.c en versiones del kernel de Linux anteriores a v2.6.37 permite a usuarios locales provocar una denegación de servicio o posiblemente tener un impacto no especificado mediante el aprovechamiento de la capacidad de operar un servidor CUSE. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7572777eef78ebdee1ecb7c258c0ef94d35bad16 http://www.openwall.com/lists/oss-security/2011/01/06/18 https://bugzilla.redhat.com/show_bug.cgi?id=667892 https://github.com/torvalds/linux/commit/7572777eef78ebdee1ecb7c258c0ef94d35bad16 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-4621 – kernel: tight loop and no preemption can cause system stall
https://notcve.org/view.php?id=CVE-2011-4621
The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop. El kernel de Linux antes de v2.6.37 no aplica la optimización de una actualización de reloj, lo que permite a usuarios locales provocar una denegación de servicio (bloqueo del sistema) a través de una aplicación que ejecuta código en un bucle. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f26f9aff6aaf67e9a430d16c266f91b13a5bff64 http://www.openwall.com/lists/oss-security/2011/12/21/6 https://bugzilla.redhat.com/show_bug.cgi?id=769711 https://github.com/torvalds/linux/commit/f26f9aff6aaf67e9a430d16c266f91b13a5bff64 https://access.redhat.com/security/cve/CVE-2011-4621 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 1.9EPSS: 0%CPEs: 4EXPL: 0CVE-2011-0006 – kernel: ima: fix add LSM rule bug
https://notcve.org/view.php?id=CVE-2011-0006
The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator's addition of an IMA rule for LSM. La función ima_lsm_rule_init en security/integrity/ima/ima_policy.c en versiones del kernel de Linux anteriores a v2.6.37, cuando 'Linux Security Modules' (LSM) está desactivado, permite a usuarios locales eludir las reglas de 'Integrity Measurement Architecture' (IMA) en determinadas circunstancias aprovechándose de la inclusión de una regla IMA a LSM. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=867c20265459d30a01b021a9c1e81fb4c5832aa9 http://www.openwall.com/lists/oss-security/2011/01/06/18 https://bugzilla.redhat.com/show_bug.cgi?id=667912 https://github.com/torvalds/linux/commit/867c20265459d30a01b021a9c1e81fb4c5832aa9 https://access.redhat.com/security/cve/CVE-2011-0006 • CWE-264: Permissions, Privileges, and Access Controls •