CVSS: 10.0EPSS: 1%CPEs: 10EXPL: 0CVE-2010-2495 – Ubuntu Security Notice USN-1074-1
https://notcve.org/view.php?id=CVE-2010-2495
08 Sep 2010 — The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors related to a routing change. La función pppol2tp_xmit en drivers/net/pppol2tp.c en la implementación L2TP en el kernel de Linux anterior a v2.6.34, no valida adecuadamente determinados... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3feec9095d12e311b7d4eb7fe7e5dfa75d4a72a5 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2010-2524 – kernel: dns_resolver upcall security issue
https://notcve.org/view.php?id=CVE-2010-2524
08 Sep 2010 — The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals. La funcionalidad de resolución DNS en el kernel de Linux anterior a v2.6.35, cuando CONFIG_CI... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2010-2066 – kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files
https://notcve.org/view.php?id=CVE-2010-2066
08 Sep 2010 — The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor. La función mext_check_arguments en fs/ext4/move_extent.c en el kernel de Linux anterior a v2.6.35, permite a usuarios locales sobrescribir una archivo de solo-añadir (append-only) a través de una llamada MOVE_EXT ioctl que especifica este archivo como un donante. USN-1074-1 fixed vulnerabilities in linu... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72 •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2009-4895 – kernel: tty->pgrp races
https://notcve.org/view.php?id=CVE-2009-4895
08 Sep 2010 — Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_tty_queue and __f_setown functions. NOTE: the vulnerability was addressed in a different way in 2.6.32.9. Condición de carrera en la función tty_fasync en drivers/char/tty_io.c en el kernel de Linux v2.6.32.6, permite a usuarios locale... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=703625118069f9f8960d356676662d3db5a9d116 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2010-2954 – Ubuntu Security Notice USN-1093-1
https://notcve.org/view.php?id=CVE-2010-2954
03 Sep 2010 — The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via multiple unsuccessful calls to bind on an AF_IRDA (aka PF_IRDA) socket. La función irda_bind en net/irda/af_irda.c en el kernel de Linux anterior v2.6.36-rc3-next-20100901 no maneja adecuadamente los fallos de la... • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=628e300cccaa628d8fb92aa28cb7530a3d5f2257 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2010-2226 – kernel: xfs swapext ioctl minor security issue
https://notcve.org/view.php?id=CVE-2010-2226
03 Sep 2010 — The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. La función xfs_swapext en fs/xfs/xfs_dfrag.c en el kernel de Linux kernel anterior v2.6.35 no chequea adecuadamente los descriptores de archivo en SWAPEXT ioctl, lo que permiete a usuarios locales aprovechar el acceso de escritura y obtener acc... • http://archives.free.net.ph/message/20100616.130710.301704aa.en.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 7%CPEs: 9EXPL: 0CVE-2010-2808 – FreeType: Stack-based buffer overflow by processing certain LWFN fonts
https://notcve.org/view.php?id=CVE-2010-2808
17 Aug 2010 — Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font. Desbordamiento de búfer en la función Mac_Read_POST_Resource en base/ftobjs.c de FreeType anterior a v2.4.2 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y fallo de la aplicación) o posibl... • http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 9%CPEs: 9EXPL: 1CVE-2010-2806 – FreeType: Heap-based buffer overflow by processing FontType42 fonts with negative length of SFNT strings (FT bug #30656)
https://notcve.org/view.php?id=CVE-2010-2806
17 Aug 2010 — Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow. Error de índice de array en la función t42_parse_sfnts en type42/t42parse.c de FreeType anterior a v2.4.2 permite a atacantes remotos causar una denegación de servicio (fallo de la aplicación) o p... • http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 • CWE-122: Heap-based Buffer Overflow CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 5%CPEs: 9EXPL: 0CVE-2010-2807 – Ubuntu Security Notice 972-1
https://notcve.org/view.php?id=CVE-2010-2807
17 Aug 2010 — FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. FreeType anterior a v2.4.2 utiliza incorrectametne tipos de datos entero durante la comprobación de límites, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su elección a través de ficheros fuente manipulados. The ... • http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 • CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 7.8EPSS: 3%CPEs: 6EXPL: 0CVE-2010-2541 – Freetype ftmulti buffer overflow
https://notcve.org/view.php?id=CVE-2010-2541
17 Aug 2010 — Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. Desbordamiento de búfer en ftmulti.c en el programa ftmulti demo en FreeType anterior a v2.4.2 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su elección a través de un fichero fuente manipulado. It was discovered that FreeT... • http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •