CVE-2009-1758 – kernel: xen: local denial of service
https://notcve.org/view.php?id=CVE-2009-1758
22 May 2009 — The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges." • http://lists.xensource.com/archives/html/xen-devel/2009-05/msg00561.html • CWE-399: Resource Management Errors
CVE-2009-1630 – kernel: nfs: fix NFS v4 client handling of MAY_EXEC in nfs_permission
https://notcve.org/view.php?id=CVE-2009-1630
14 May 2009 — The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver. • http://article.gmane.org/gmane.linux.nfs/26592 • CWE-264: Permissions, Privileges, and Access Controls
CVE-2009-1184
https://notcve.org/view.php?id=CVE-2009-1184
05 May 2009 — The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=910c9e41186762de3717baaf392ab5ff0c454496 • CWE-16: Configuration
CVE-2009-1527 – Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - 'ptrace_attach' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-1527
05 May 2009 — Race condition in the ptrace_attach function in kernel/ptrace.c in the Linux kernel before 2.6.30-rc4 allows local users to gain privileges via a PTRACE_ATTACH ptrace call during an exec system call that is launching a setuid application, related to locking an incorrect cred_exec_mutex object. • https://www.exploit-db.com/exploits/8673 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2009-1439 – kernel: cifs: memory overwrite when saving nativeFileSystem field during mount
https://notcve.org/view.php?id=CVE-2009-1439
27 Apr 2009 — Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request. • http://blog.fefe.de/?ts=b72905a8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-1192 – kernel: agp: zero pages before sending to userspace
https://notcve.org/view.php?id=CVE-2009-1192
24 Apr 2009 — The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=59de2bebabc5027f93df999d59cc65df591c3e6e
CVE-2009-1360
https://notcve.org/view.php?id=CVE-2009-1360
22 Apr 2009 — The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6.29, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3f53a38131a4e7a053c0aa060aba0411242fb6b9
CVE-2009-1337 – Linux Kernel < 2.6.29 - 'exit_notify()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-1337
22 Apr 2009 — The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application. • https://www.exploit-db.com/exploits/8369 • CWE-264: Permissions, Privileges, and Access Controls
CVE-2009-1338 – kernel: 'kill sig -1' must only apply to caller's pid namespace
https://notcve.org/view.php?id=CVE-2009-1338
22 Apr 2009 — The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d25141a818383b3c3b09f065698c544a7a0ec6e7 • CWE-264: Permissions, Privileges, and Access Controls
CVE-2009-1265
https://notcve.org/view.php?id=CVE-2009-1265
08 Apr 2009 — Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent. • http://bugzilla.kernel.org/show_bug.cgi?id=10423 • CWE-189: Numeric Errors