CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2011-1771 – kernel: cifs oops when creating file with O_DIRECT set
https://notcve.org/view.php?id=CVE-2011-1771
The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact by setting the O_DIRECT flag during an attempt to open a file on a CIFS filesystem. La función cifs_close en fs/cifs/file.c en el kernel de Linux antes de su versión v2.6.39 permite a usuarios locales provocar una denegación de servicio (puntero a NULL y Error) o posiblemente tener un impacto no especificado estableciendo el flag O_DIRECT durante un intento de abrir un archivo en un sistema de archivos CIFS. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7797069305d13252fd66cf722aa8f2cbeb3c95cd http://marc.info/?l=linux-cifs&m=130204357001849&w=2 http://marc.info/?l=linux-cifs&m=130204730006155&w=2 http://securityreason.com/securityalert/8367 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://www.openwall.com/lists/oss-security/2011/05/09/2 https://bugzilla.redhat.com/show_bug.cgi?id=703016 https://access.redhat.com/secu • CWE-476: NULL Pointer Dereference •
CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1019 – kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN
https://notcve.org/view.php?id=CVE-2011-1019
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability. La función dev_load en net/core/dev.c en el kernel de Linux anterior a v2.6.38 permite a usuarios locales eludir las capacidades CAP_SYS_MODULE requeridas y cargar modulos arbitrarios mediante el aprovechamiento de la capacidad CAP_NET_ADMIN. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8909c9ad8ff03611c9c96c9a92656213e4bb495b http://www.openwall.com/lists/oss-security/2011/02/25/1 https://bugzilla.redhat.com/show_bug.cgi?id=680360 https://github.com/torvalds/linux/commit/8909c9ad8ff03611c9c96c9a92656213e4bb495b https://access.redhat.com/security/cve/CVE-2011-1019 •
CVSS: 7.8EPSS: 2%CPEs: 6EXPL: 0CVE-2011-1093 – kernel: dccp: fix oops on Reset after close
https://notcve.org/view.php?id=CVE-2011-1093
The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet. Función dccp_rcv_state_process en net/dccp/input.c en la implementación de Datagram Congestion Control Protocol(DCCP)en el kernel de linux antes de v2.6.38 no maneja adecuadamente paquetes para un extremo cerrado, que permite a atacantes remotos provocar una denegación de servicio ( puntero a NULO y OOPS ) mediante el envío de un paquete DCCP-Close seguido por un paquete DCCP-Reset. • http://downloads.avaya.com/css/P8/documents/100145416 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d http://openwall.com/lists/oss-security/2011/03/08/19 http://openwall.com/lists/oss-security/2011/03/08/4 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 http://www.securityfocus.com/bid/46793 https://bugzilla.redhat.com/show_bug.cgi • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4805 – kernel: unlimited socket backlog DoS
https://notcve.org/view.php?id=CVE-2010-4805
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_alloc socket field. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4251. La implementación del socket en net/core/sock.c en el kernel de Linux anteriores a v2.6.35 no maneja correctamente un retraso de los paquetes recibidos, lo que permite a atacantes remotos provocar una denegación de servicio mediante el envío de una gran cantidad de tráfico de la red, relacionados con la función sk_add_backlog y el campo de toma de sk_rmem_alloc. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2010-4251. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c377411f2494a931ff7facdbb3a6839b1266bcf6 http://kerneltrap.org/mailarchive/linux-netdev/2010/3/3/6271093/thread http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35 http://www.securityfocus.com/bid/46637 https://bugzilla.redhat.com/show_bug.cgi?id=657303 https://access.redhat.com/security/cve/CVE-2010-4805 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0CVE-2010-4251 – kernel: unlimited socket backlog DoS
https://notcve.org/view.php?id=CVE-2010-4251
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests. La implementación del socket en net/core/sock.c en el kernel de Linux anterior a v2.6.34 no maneja correctamente un retraso de los paquetes recibidos, que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) mediante el envío de una gran cantidad de la red tráfico, como lo demuestran las pruebas netperf UDP. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8eae939f1400326b06d0c9afe53d2a484a326871 http://kerneltrap.org/mailarchive/linux-netdev/2010/3/3/6271093/thread http://secunia.com/advisories/46397 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/46637 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/sh • CWE-400: Uncontrolled Resource Consumption •