CVE-2012-4508 – kernel: ext4: AIO vs fallocate stale data exposure
https://notcve.org/view.php?id=CVE-2012-4508
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dee1f973ca341c266229faa5a1a5bb268bed3531 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html http://rhn.redhat.com/errata/RHSA-2012-1540.html http://rhn.redhat.com/errata/RHSA-2013-0496.html http://rhn.redhat.com/errata/RHSA-2013-1519.html http://rhn.redhat.com/errata/RHSA-2013-1783.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16 http://www.openw • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2012-0957 – Linux Kernel 3.2.x - 'uname()' System Call Local Information Disclosure
https://notcve.org/view.php?id=CVE-2012-0957
The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality. • https://www.exploit-db.com/exploits/37937 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2702b1526c7278c4d65d78de209a465d4de2885e http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html http://secunia.com/advisories/51409 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16 http://www.openwall.com/lists/oss-security/2012/10/09/4 http://www.ubuntu.com/usn/USN-1644-1 http://www.ubuntu.com/usn/USN-1645- • CWE-16: Configuration • CWE-401: Missing Release of Memory after Effective Lifetime
CVE-2012-4565 – kernel: net: divide by zero in tcp algorithm illinois
https://notcve.org/view.php?id=CVE-2012-4565
The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by reading TCP stats. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html http://rhn.redhat.com/errata/RHSA-2012-1580.html http://secunia.com/advisories/51409 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.19 http://www.openwall.com/lists/oss-security/2012/10/31/5 http://www.securityfocus.com/bid/56346 http://www.ubuntu.com/usn/USN- • CWE-189: Numeric Errors
CVE-2012-4467
https://notcve.org/view.php?id=CVE-2012-4467
The (1) do_siocgstamp and (2) do_siocgstampns functions in net/socket.c in the Linux kernel before 3.5.4 use an incorrect argument order, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a crafted ioctl call. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ed6fe9d614fc1bca95eb8c0ccd0e92db00ef9d5d http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.4 http://www.openwall.com/lists/oss-security/2012/10/04/2 http://www.securityfocus.com/bid/55785 https://github.com/torvalds/linux/commit/ed6fe9d614fc1bca95eb8c0ccd0e92db00ef9d5d • CWE-399: Resource Management Errors
CVE-2012-3520 – kernel: af_netlink: invalid handling of SCM_CREDENTIALS passing
https://notcve.org/view.php?id=CVE-2012-3520
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e0e3cea46d31d23dc40df0a49a7a2c04fe8edfea http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00018.html http://secunia.com/advisories/50848 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.30 http://www.openwall.com/lists/oss-security/2012/08/22/1 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.h • CWE-287: Improper Authentication