CVE-2011-4621 – kernel: tight loop and no preemption can cause system stall
https://notcve.org/view.php?id=CVE-2011-4621
The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop. El kernel de Linux antes de v2.6.37 no aplica la optimización de una actualización de reloj, lo que permite a usuarios locales provocar una denegación de servicio (bloqueo del sistema) a través de una aplicación que ejecuta código en un bucle. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f26f9aff6aaf67e9a430d16c266f91b13a5bff64 http://www.openwall.com/lists/oss-security/2011/12/21/6 https://bugzilla.redhat.com/show_bug.cgi?id=769711 https://github.com/torvalds/linux/commit/f26f9aff6aaf67e9a430d16c266f91b13a5bff64 https://access.redhat.com/security/cve/CVE-2011-4621 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2010-4650
https://notcve.org/view.php?id=CVE-2010-4650
Buffer overflow in the fuse_do_ioctl function in fs/fuse/file.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging the ability to operate a CUSE server. Un desbordamiento de búfer en la función fuse_do_ioctl en fs/fusible/file.c en versiones del kernel de Linux anteriores a v2.6.37 permite a usuarios locales provocar una denegación de servicio o posiblemente tener un impacto no especificado mediante el aprovechamiento de la capacidad de operar un servidor CUSE. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7572777eef78ebdee1ecb7c258c0ef94d35bad16 http://www.openwall.com/lists/oss-security/2011/01/06/18 https://bugzilla.redhat.com/show_bug.cgi?id=667892 https://github.com/torvalds/linux/commit/7572777eef78ebdee1ecb7c258c0ef94d35bad16 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0006 – kernel: ima: fix add LSM rule bug
https://notcve.org/view.php?id=CVE-2011-0006
The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator's addition of an IMA rule for LSM. La función ima_lsm_rule_init en security/integrity/ima/ima_policy.c en versiones del kernel de Linux anteriores a v2.6.37, cuando 'Linux Security Modules' (LSM) está desactivado, permite a usuarios locales eludir las reglas de 'Integrity Measurement Architecture' (IMA) en determinadas circunstancias aprovechándose de la inclusión de una regla IMA a LSM. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=867c20265459d30a01b021a9c1e81fb4c5832aa9 http://www.openwall.com/lists/oss-security/2011/01/06/18 https://bugzilla.redhat.com/show_bug.cgi?id=667912 https://github.com/torvalds/linux/commit/867c20265459d30a01b021a9c1e81fb4c5832aa9 https://access.redhat.com/security/cve/CVE-2011-0006 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-0879 – kernel: block: CLONE_IO io_context refcounting issues
https://notcve.org/view.php?id=CVE-2012-0879
The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context. La implementación I/O para dispositivos de bloque en el núcleo de Linux anteriores a v2.6.33 no maneja adecuadamente la característica CLONE_IO, lo cual permite a usuarios locales causar una denegación de servicio (inestabilidad I/O) arrancando múltiples procesos que comparten un contexto I/O. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=61cc74fbb87af6aa551a06a370590c9bc07e29d9 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b69f2292063d2caf37ca9aec7d63ded203701bf3 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html http://marc.info/?l=bugtraq&m=139447903326211&w=2 http://rhn.redhat.com/errata/RHSA-2012-0481.html http://rhn • CWE-400: Uncontrolled Resource Consumption •
CVE-2011-4594 – kernel: send(m)msg: user pointer dereferences
https://notcve.org/view.php?id=CVE-2011-4594
The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference. La función __ sys_sendmsg en net/socket.c en el kernel de Linux antes de v3.1 permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante el uso de una llamada a la 'system call' sendmmsg debidamente modificada, dando lugar a una eliminación de referencia a puntero incorrecto. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc909d9ddbf7778371e36a651d6e4194b1cc7d4c http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.openwall.com/lists/oss-security/2011/12/08/4 https://bugzilla.redhat.com/show_bug.cgi?id=761646 https://github.com/torvalds/linux/commit/bc909d9ddbf7778371e36a651d6e4194b1cc7d4c https://access.redhat.com/security/cve/CVE-2011-4594 • CWE-476: NULL Pointer Dereference •