Page 5 of 72 results (0.018 seconds)

CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 0

CVE-2010-3874 – kernel: CAN minor heap overflow

https://notcve.org/view.php?id=CVE-2010-3874

Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service (memory corruption) via a connect operation. Desbordamiento de búfer basado en memoria dinámica (heap) en la función bcm_connect en net/can/bcm.c (también conocido como el Broadcast Manager) en la implementación del Controller Area Network en el kernel de Linux v2.6.36 sobre plataformas de 64 bits, podría permitir a usuarios locales provocar una denegación de servicio (corrupción de memoria) a través de una operación connect. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0597d1b99fcfc2c0eada09a698f85ed413d4ba84 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://o • CWE-787: Out-of-bounds Write •

CVSS: 1.9EPSS: 0%CPEs: 11EXPL: 0

CVE-2010-3876 – kernel: net/packet/af_packet.c: reading uninitialized stack memory

https://notcve.org/view.php?id=CVE-2010-3876

net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures. net/packet/af_packet.c en el kernel de Linux anterior a v2.6.37-rc2 no inicializa correctamente ciertos miembros de la estructura, que permite a usuarios locales obtener información sensible de la pila del núcleo de la memoria mediante el aprovechamiento de la capacidad CAP_NET_RAW para leer las copias de las estructuras de aplicación. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67286640f638f5ad41a946b9a3dc75327950248f http://marc.info/?l=linux-netdev&m=128854507220908&w=2 http://openwall.com/lists/oss-security/2010/11/02/10 http://openwall.com/lists/oss-security/2010/11/02/12 http://openwall.com/lists/oss-security/2010/11/02/7 http://openwall.com/lists/oss-security/2010/11/02/9 http://openwall.com/lists/oss-security/2010/11/04/5 http://secunia.com • CWE-909: Missing Initialization of Resource •

CVSS: 2.1EPSS: 0%CPEs: 14EXPL: 0

CVE-2010-4080 – kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory

https://notcve.org/view.php?id=CVE-2010-4080

The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call. La función snd_hdsp_hwdep_ioctl en sound/pci/rme9652/hdsp.c en el kernel de Linux anterior a v2.6.36-rc6 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información sensible de la pila de la memoria del kernel a través de una llamada ioctl SNDRV_HDSP_IOCTL_GET_CONFIG_INFO. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e68d3b316ab7b02a074edc4f770e6a746390cb7d http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lkml.org/lkml/2010/9/25/41 http://secunia.com/advisories/42778 http:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 1.9EPSS: 0%CPEs: 14EXPL: 0

CVE-2010-4078

https://notcve.org/view.php?id=CVE-2010-4078

The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. La función sisfb_ioctl de drivers/video/sis/sis_main.c del kernel de Linux en versiones anteriores a la 2.6.36-rc6 no inicializa apropiadamente un miembro de una determinada estructura, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila del kernel a través de una llamada ioctl FBIOGET_VBLANK. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd02db9de73faebc51240619c7c7f99bee9f65c7 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://secunia.com/advisories/42778 http://secunia.com/advisories/42801 http://www. • CWE-909: Missing Initialization of Resource •

CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 4

CVE-2010-4165 – Linux Kernel 2.6.37 - Local Kernel Denial of Service

https://notcve.org/view.php?id=CVE-2010-4165

The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer. La función do_tcp_setsockopt de net/ipv4/tcp.c en el kernel de Linux anterior a 2.6.37-rc2 no restringe adecuadamente los valores TCP_MAXSEG (también conocidos como MSS), esto permite a usuarios locales provocar una denegación de servicio (OOPS) mediante una llamada setsockopt que especifica un valor pequeño, lo que conduce a un error de división entre cero o un uso incorrecto de un entero asignado. • https://www.exploit-db.com/exploits/16263 https://www.exploit-db.com/exploits/16952 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7a1abd08d52fdeddb3e9a5a33f2f15cc6a5674d2 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html • CWE-369: Divide By Zero •