Page 510 of 2868 results (0.055 seconds)

CVSS: 6.9EPSS: 0%CPEs: 7EXPL: 0

CVE-2011-2022 – kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls

https://notcve.org/view.php?id=CVE-2011-2022

The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745. La función agp_generic_remove_memory en los drivers /char/agp/generic.c del kernel de Linux con anterioridad a v2.6.38.5 no valida un parámetro de inicio determinado, lo que permite a usuarios locales conseguir privilegios o causar una denegación de servicio ( fallo del sistema ) a través de una llamada manipulada AGPIOC_UNBIND agp_ioctl ioctl, es una vulnerabilidad diferente de CVE -2011- 1745. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce http://openwall.com/lists/oss-security/2011/04/21/4 http://openwall.com/lists/oss-security/2011/04/22/7 http://rhn.redhat.com/errata/RHSA-2011-0927.html http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5 http://www.securityfocus.com/bid/47843 https://bugzilla.redhat.com/show_bug.cgi?id=698996 https://lkml.org/lkml/2011/4/14&#x • CWE-20: Improper Input Validation •

CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 1

CVE-2011-1593 – kernel: proc: signedness issue in next_pidmap()

https://notcve.org/view.php?id=CVE-2011-1593

Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call. Múltiples desbordamientos de entero en la función next_pidmap en kernel/pid.c en el kernel de Linux antes de v2.6.38.4 permiten a usuarios locales causar una denegación de servicio (por caída del sistema) a través de una llamada al sistema (1) getdents o (2) readdir. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c78193e9c7bcbf25b8237ad0dec82f805c4ea69b http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d8bdc59f215e62098bc5b4256fd9928bf27053a1 http://groups.google.com/group/fa.linux.kernel/msg/4a28ecb7f755a88d?dmode=source http://openwall.com/lists/oss-security/2011/04/19/1 http://openwall.com/lists/oss-security/2011/04/20/1 http://rhn.redhat.com/errata/RHSA-2011-0927.html http://secunia • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2011-1169

https://notcve.org/view.php?id=CVE-2011-1169

Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer. Error de índice de array en la función asihpi_hpi_ioctl de sound/pci/asihpi/hpioctl.c del controlador AudioScience HPI del kernel de Linux en versiones anteriores a 2.6.38.1. Puede permitir a usuarios locales provocar una denegación de servicio (corrupción de memoria) o posiblemente escalar privilegios a través de un valor de índice de adaptador modificado que provoca el acceso a un puntero del kernel inválido. • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=4a122c10fbfe9020df469f0f669da129c5757671 http://openwall.com/lists/oss-security/2011/03/18/1 http://openwall.com/lists/oss-security/2011/03/18/2 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.1 https://bugzilla.redhat.com/show_bug.cgi?id=688898 • CWE-129: Improper Validation of Array Index •

CVSS: 7.2EPSS: 0%CPEs: 666EXPL: 0

CVE-2011-1495 – kernel: drivers/scsi/mpt2sas: prevent heap overflows

https://notcve.org/view.php?id=CVE-2011-1495

drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. drivers/scsi/mpt2sas/mpt2sas_ctl.c en el kernel de Linux v2.6.38 y anteriores no valida (1) la longitud y (2) los valores de desplazamiento (el 'offset') antes de realizar operaciones de copia de memoria, lo que podría permitir a usuarios locales conseguir privilegios, provocar una denegación de servicio (por corrupción de memoria), u obtener información sensible de la memoria del kernel a través de una llamada ioctl debidamente modificada a través de las funciones _ctl_do_mpt_command y _ctl_diag_read_buffer. • http://downloads.avaya.com/css/P8/documents/100145416 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://lkml.org/lkml/2011/4/5/327 http://openwall.com/lists/oss-security/2011/04/05/32 http://openwall.com/lists/oss-security/2011/04/06/2 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://secunia.com/advisories/46397 http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/47185 http: • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 666EXPL: 0

CVE-2011-1494 – kernel: drivers/scsi/mpt2sas: prevent heap overflows

https://notcve.org/view.php?id=CVE-2011-1494

Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow. Desbordamiento de entero en la función _ctl_do_mpt_command en drivers/scsi/mpt2sas/mpt2sas_ctl.c en el kernel de Linux v2.6.38 y anteriores puede permitir a usuarios locales ganar privilegios o causar una denegación de servicio (corrupción de memoria) a través de una llamada ioctl especificando un valor manipulado provocando un desbordamiento de búfer basado en heap. • http://downloads.avaya.com/css/P8/documents/100145416 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://lkml.org/lkml/2011/4/5/327 http://openwall.com/lists/oss-security/2011/04/05/32 http://openwall.com/lists/oss-security/2011/04/06/2 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://secunia.com/advisories/46397 http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/47185 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •