CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 2CVE-2008-3528 – Linux kernel ext[234] directory corruption denial of service
https://notcve.org/view.php?id=CVE-2008-3528
27 Sep 2008 — The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privile... • http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 99EXPL: 1CVE-2008-4113 – Linux Kernel < 2.6.26.4 - SCTP Kernel Memory Disclosure
https://notcve.org/view.php?id=CVE-2008-4113
16 Sep 2008 — The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function. Función The sctp_getsockopt_hmac_ident en net/sctp/socket.c la implementación de Stre... • https://www.exploit-db.com/exploits/7618 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 66%CPEs: 63EXPL: 0CVE-2008-3915 – kernel: nfsd: fix buffer overrun decoding NFSv4 acl
https://notcve.org/view.php?id=CVE-2008-3915
09 Sep 2008 — Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl. Desbordamiento del búfer en nfsd en el kernel de Linux anterior a 2.6.26.4, cuando NFSv4 está activado, permite a atacantes remotos realizar acciones con un impacto desconocido a través de vectores que están relacionados con la decodificación de un NFSv4 acl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=91b80969ba466ba4b915a4a1d03add8c297add3f • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2008-3911
https://notcve.org/view.php?id=CVE-2008-3911
04 Sep 2008 — The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based buffer and have unspecified other impact via a crafted read system call for the /proc/sys/sunrpc/transports file. La función proc_do_xprt de net/sunrpc/sysctl.c del núcleo de Linux 2.6.26.3, no comprueba el tamaño de determinado búfer obtenido del espacio de usuario (userspace), esto permite a los usuarios loca... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=27df6f25ff218072e0e879a96beeb398a79cdbc8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2008-3792 – kernel: sctp: fix potential panics in the SCTP-AUTH API
https://notcve.org/view.php?id=CVE-2008-3792
03 Sep 2008 — net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2008-3525 – kernel: missing capability checks in sbni_ioctl()
https://notcve.org/view.php?id=CVE-2008-3525
03 Sep 2008 — The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. La función sbni_ioctl en drivers/net/wan/sbni.c del subsistema WAN en Linux kernel 2.6.26.3 no chequea la capacidad CAP_NET_ADMIN antes de procesar una petición ioctl (1) ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f2455eb176ac87081bbfc9a44b21c7cd2bc1967e • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 8%CPEs: 33EXPL: 0CVE-2008-3526 – Linux kernel sctp_setsockopt_auth_key() integer overflow
https://notcve.org/view.php?id=CVE-2008-3526
27 Aug 2008 — Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option. Desbordamiento de entero en la función sctp_setsockopt_auth_key de net/sctp/socket.c en la implementación Stream Control Transmission Protoc... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=30c2235cbc477d4629983d440cdc4f496fec9246 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 69%CPEs: 126EXPL: 0CVE-2008-3276 – Linux kernel dccp_setsockopt_change() integer overflow
https://notcve.org/view.php?id=CVE-2008-3276
18 Aug 2008 — Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field. Desbordamiento de entero en la función dccp_setsockopt_change de net/dccp/proto.c en el subsistema Datagram Congestion Control Protocol (DCCP (Pr... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=3e8a0a559c66ee9e7468195691a56fefc3589740 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 2CVE-2008-3686
https://notcve.org/view.php?id=CVE-2008-3686
14 Aug 2008 — The rt6_fill_node function in net/ipv6/route.c in Linux kernel 2.6.26-rc4, 2.6.26.2, and possibly other 2.6.26 versions, allows local users to cause a denial of service (kernel OOPS) via IPv6 requests when no IPv6 input device is in use, which triggers a NULL pointer dereference. La función rt6_fill_node en el archivo net/ipv6/route.c en el kernel de Linux versiones 2.6.26-rc4, 2.6.26.2, y posiblemente otras versiones 2.6.26, permite a los usuarios locales causar una denegación de servicio (OOPS del kernel)... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e0115e500fe9dd2ca11e6f92db9123204f1327a • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2008-3275 – Linux kernel local filesystem DoS
https://notcve.org/view.php?id=CVE-2008-3275
12 Aug 2008 — The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories. Las funciones (1) real_lookup y (2) __lookup_hash en el archivo fs/namei.c en la implementación de vfs en el kernel de Linux anterior a versió... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d70b67c8bc72ee23b55381bd6a884f4796692f77 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •