CVSS: 2.1EPSS: 0%CPEs: 5EXPL: 0CVE-2011-0710 – kernel: s390 task_show_regs infoleak
https://notcve.org/view.php?id=CVE-2011-0710
The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/. La función task_show_regs en arch/s390/kernel/traps.c en el kernel Linux antes de v2.6.38-rc4-next-20110216 en la plataforma s390 permite a usuarios locales obtener los valores de los registros de un proceso de su elección mediante la lectura del archivo del proceso en /proc. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=261cd298a8c363d7985e3482946edb4bfedacf98 http://openwall.com/lists/oss-security/2011/02/16/3 http://openwall.com/lists/oss-security/2011/02/16/9 http://secunia.com/advisories/46397 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.38-rc4-next-20110216.bz2 http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/46421 http://www.vmware.com • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2011-0712 – kernel: ALSA: caiaq - Fix possible string-buffer overflow
https://notcve.org/view.php?id=CVE-2011-0712
Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c. Múltiples desbordamientos de búfer en la funcionalidad caiaq Native Instruments USB audio en el kernel de Linux antes de v2.6.38-rc4-next-20110215 podrían permitir a atacantes provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de un nombre de dispositivo USB demasiado largo, en relación con (1) la función snd_usb_caiaq_audio_init en sound /usb/caiaq/audio.c y (2) la función snd_usb_caiaq_midi_init en sound/usb/caiaq/midi.c. • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=eaae55dac6b64c0616046436b294e69fc5311581 http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.38-rc4-next-20110215.bz2 http://www.openwall.com/lists/oss-security/2011/02/16/11 http://www.openwall.com/lists/oss-security/2011/02/16/12 http://www.openwall.com/lists/oss-security/2011/02/16/5 http://www.securityfocus.com/bid/46419 http://www.ubuntu.com/usn/USN-1146-1 https:/ • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 1CVE-2011-0709
https://notcve.org/view.php?id=CVE-2011-0709
The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table. La función br_mdb_ip_get en net/bridge/ br_multicast.c en el kernel de Linux antes de v2.6.35-rc5 permite a atacantes remotos provocar una denegación de servicio (desreferencia a puntero nulo y caída del sistema) a través de un paquete IGMP, en relación con la falta de una tabla de multicast. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7f285fa78d4b81b8458f05e77fb6b46245121b4e http://openwall.com/lists/oss-security/2011/02/16/1 http://openwall.com/lists/oss-security/2011/02/16/14 http://openwall.com/lists/oss-security/2011/02/16/8 http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.35/ChangeLog-2.6.35-rc5 http://www.securityfocus.com/bid/41432 http://www.spinics.net/lists/netdev/msg134414.html http://www&# • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4656 – kernel: iowarrior usb device heap overflow
https://notcve.org/view.php?id=CVE-2010-4656
The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report. La función iowarrior_write en drivers/usb/misc/iowarrior.c en el kernel Linux anterior a v2.6.37 no asigna memoria adecuadamente, lo que permite a usuarios locales desencadenar un desbordamiento de búfer basado en memoria dinámica, y en consecuencia provocar una denegación de servicio o obtener privilegios a través de un informe largo. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3ed780117dbe5acb64280d218f0347f238dafed0 http://openwall.com/lists/oss-security/2011/01/24/9 http://openwall.com/lists/oss-security/2011/01/25/3 http://openwall.com/lists/oss-security/2011/01/25/4 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 http://www.securityfocus.com/bid/46069 http://www.ubuntu.com/usn/USN-1146-1 https://bugzilla.redhat.com/show_bug.cgi?id&# • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2011-0521 – kernel: av7110 negative array offset
https://notcve.org/view.php?id=CVE-2011-0521
The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. La función dvb_ca_ioctl function en drivers/media/dvb/ttpci/av7110_ca.c para el kernel Linux anterior a v2.6.38-rc2 no comprueba el signo de un campo entero determinado, lo que permite a usuarios locales causar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de un valor negativo. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cb26a24ee9706473f31d34cc259f4dcf45cd0644 http://openwall.com/lists/oss-security/2011/01/24/2 http://openwall.com/lists/oss-security/2011/01/25/2 http://secunia.com/advisories/43009 http://secunia.com/advisories/46397 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc2 http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/45986 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •