Page 506 of 3491 results (0.014 seconds)

CVSS: 2.1EPSS: 0%CPEs: 43EXPL: 2

CVE-2012-3430 – Linux Kernel 2.6.x - 'rds_recvmsg()' Local Information Disclosure

https://notcve.org/view.php?id=CVE-2012-3430

The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket. La función rds_recvmsg en net/rds/recv.c en el Kernell de Linux anteriores a v3.0.44 no inicializa el cierto miembro de la estructura, lo que permite a usuarios locales a obtener información potencialmente sensible de la pila de memoria del kernel a través de (1) recvfrom o (2) llamada a sistema recvmsg en un socket RDS. • https://www.exploit-db.com/exploits/37543 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=06b6a1cf6e776426766298d055bb3991957d90a7 http://rhn.redhat.com/errata/RHSA-2012-1323.html http://secunia.com/advisories/50633 http://secunia.com/advisories/50732 http://secunia.com/advisories/50811 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44 http://www.openwall.com/lists/oss-security/2012/07/26/5 http://www.ubuntu.com/usn/USN- • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.6EPSS: 2%CPEs: 6EXPL: 1

CVE-2012-3400 – kernel: udf: buffer overflow when parsing sparing table

https://notcve.org/view.php?id=CVE-2012-3400

Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem. Desbordamiento de búfer basado en memoria dinámica en la función udf_load_logicalvol en fs/udf/super.c en el Kernel de Linux anteriores a v3.4.5, permite a atacantes remotos causar una denegación de servicio (caída del sistema) o posiblemente tener otro impacto no especificado a través de sistemas de ficheros UDF manipulados. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1df2ae31c724e57be9d7ac00d78db8a5dabdd050 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=adee11b2085bee90bd8f4f52123ffb07882d6256 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://rhn.redhat.com/errata/RHSA-2013-0594.html http://secunia.com/advisories/50506 http://ubuntu.com/usn/usn-1529-1 • CWE-787: Out-of-bounds Write •

CVSS: 5.0EPSS: 6%CPEs: 5EXPL: 0

CVE-2012-3364

https://notcve.org/view.php?id=CVE-2012-3364

Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields. Múltiples desbordamientos de búfer basados en pila en Near Field Communication Controller Interface (NCI) en el kernel de Linux antes de v3.4.5 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de tramas de entrada con campos de longitud hechas a mano. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67de956ff5dc1d4f321e16cfbd63f5be3b691b43 http://marc.info/?l=linux-kernel&m=134030878917784&w=2 http://ubuntu.com/usn/usn-1529-1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5 http://www.openwall.com/lists/oss-security/2012/06/27/9 https://github.com/torvalds/linux/commit/67de956ff5dc1d4f321e16cfbd63f5be3b691b43 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 4%CPEs: 21EXPL: 0

CVE-2012-2744 – kernel: netfilter: null pointer dereference in nf_ct_frag6_reasm()

https://notcve.org/view.php?id=CVE-2012-2744

net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets. net/ipv6/netfilter/nf_conntrack_reasm.c en el kernel de Linux anterior a v2.6.34, cuando el módulo nf_conntrack_ipv6 está habilitado, permite a atacantes remotos causar una denegación de servicio (referencia de puntero a NULL y caída del sistema) mediante ciertos tipos de paquetes IPv6 fragmentados. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9e2dcf72023d1447f09c47d77c99b0c49659e5ce http://rhn.redhat.com/errata/RHSA-2012-1064.html http://rhn.redhat.com/errata/RHSA-2012-1148.html http://secunia.com/advisories/49928 http://www.securityfocus.com/bid/54367 http://www.securitytracker.com/id?1027235 https://bugzilla.redhat.com/show_bug.cgi?id=833402 https://github.com/torvalds&# • CWE-476: NULL Pointer Dereference •

CVSS: 4.7EPSS: 0%CPEs: 9EXPL: 0

CVE-2012-2745 – kernel: cred: copy_process() should clear child->replacement_session_keyring

https://notcve.org/view.php?id=CVE-2012-2745

The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call. La función copy_creds en kernel/cred.c en el kernel de Linux anteriores a v3.3.2 ofrece un reemplazo invalido de claves de sesión a un proceso hijo, permitiendo a usuarios locales causar una denegación de servicio a través de una aplicación especialmente diseñada que utiliza la llamada al sistema fork • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=79549c6dfda0603dba9a70a53467ce62d9335c33 http://rhn.redhat.com/errata/RHSA-2012-1064.html http://secunia.com/advisories/50633 http://secunia.com/advisories/50853 http://secunia.com/advisories/50961 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.2 http://www.securityfocus.com/bid/54365 http://www.securitytracker.com/id?1027236 http://www.ubuntu.com/usn/USN-1567-1 http://www.ub • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •