CVSS: 4.9 | EPSS: 0% | CPEs: 666 | EXPL: 0

Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.

• http://downloads.avaya.com/css/P8/documents/100145416
• http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
• http://openwall.com/lists/oss-security/2011/04/12/17
• http://openwall.com/lists/oss-security/2011/04/13/1
• http://rhn.redhat.com/errata/RHSA-2011-0833.html
• http://securityreason.com/securityalert/8238
• http://securitytracker.com/id?1025355
• http://www.securityfocus.com/archive/1/517477/100/0/threaded
• http://www.securityfocus.com/bid/47343
• http:&
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 2.1 | EPSS: 0% | CPEs: 2 | EXPL: 2

The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain potentially sensitive information from uninitialized disk locations by reading a file.

• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=272b62c1f0f6f742046e45b50b6fec98860208a0
• http://oss.oracle.com/pipermail/ocfs2-devel/2011-February/007846.html
• http://secunia.com/advisories/43966
• http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.39-rc1
• http://www.ubuntu.com/usn/USN-1146-1
• https://bugzilla.novell.com/show_bug.cgi?id=673037
• CWE-20: Improper Input Validation

CVSS: 4.9 | EPSS: 0% | CPEs: 10 | EXPL: 1

The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.

• https://www.exploit-db.com/exploits/35403
• http://article.gmane.org/gmane.linux.kernel/1105744
• http://article.gmane.org/gmane.linux.kernel/1105888
• http://article.gmane.org/gmane.linux.kernel/1106686
• http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
• http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html
• http://openwall.com/lists/oss-security/2011/03/02/1
• http://openwall.com/lists/oss-security/2011/03/02/2
• http://rhn.redhat.com/e
• CWE-400: Uncontrolled Resource Consumption

CVSS: 4.9 | EPSS: 0% | CPEs: 1 | EXPL: 1

fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.

• https://www.exploit-db.com/exploits/35404
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22bacca48a1755f79b7e0f192ddb9fbb7fc6e64e
• http://openwall.com/lists/oss-security/2011/03/02/1
• http://openwall.com/lists/oss-security/2011/03/02/2
• http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
• https://bugzilla.redhat.com/show_bug.cgi?id=681575
• https://lkml.org/lkml/2011/2/5/220
• https://access.redhat.com/security/cve/CVE-20
• CWE-400: Uncontrolled Resource Consumption

CVSS: 2.1 | EPSS: 0% | CPEs: 10 | EXPL: 0

The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.

• http://downloads.avaya.com/css/P8/documents/100145416
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1eafbfeb7bdf59cfe173304c76188f3fd5f1fd05
• http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
• http://openwall.com/lists/oss-security/2011/03/15/14
• http://openwall.com/lists/oss-security/2011/03/15/9
• http://rhn.redhat.com/errata/RHSA-2011-0833.html
• http://securityreason.com/securityalert/8189
• http://securitytracker.com/id?1025225
• CWE-20: Improper Input Validation