CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2010-0003 – kernel: infoleak if print-fatal-signals=1
https://notcve.org/view.php?id=CVE-2010-0003
The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address. La función print_fatal_signal en kernel/signal.c en el kernel de Linux en versiones anteriores a v2.6.32.4 en plataformas i386, cuando print-fatal-signals esta activado, permite a usuarios locales descubrir los contenidos de zonas arbitrarias de memoria mediante saltos a una direcciones y después leyendo un fichero de log, y permitiría a usuarios locales producir una denegación de servicio (ralentización o caída del sistema) mediante saltos a una dirección. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0 http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html http://patchwork.kernel.org/patch/69752 http://secunia.com/advisories/38333 http:&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 138EXPL: 0CVE-2010-0007 – kernel: netfilter: ebtables: enforce CAP_NET_ADMIN
https://notcve.org/view.php?id=CVE-2010-0007
net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application. net/bridge/netfilter/ebtables.c en el módulo ebtables en netfilter framework en el kernel de Linux anterior a v2.6.33-rc4 no requiere de la capacidad CAP_NET_ADMIN para establecer o modificar reglas, lo que permite a usuarios locales evitar las restricciones de acceso establecidas y configurar filtrado de tráfico de red de su elección a través de la aplicación ebtables modificada • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dce766af541f6605fa9889892c0280bab31c66ab http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html http://li • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 139EXPL: 3CVE-2009-4141 – Linux Kernel < 2.6.28 - 'fasync_helper()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-4141
Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file. Vulnerabilidad de uso anterior a la liberación en la función fasync_helper en fs/fcntl.c en el kernel de Linux anterior a v2.6.33 permite a usuarios locales obtener privilegios a través de vectores que incluyen habilitado O_ASYNC (también conocido como FASYNC o FIOASYNC) sobre un fichero bloqueado, y cerrando después este fichero. • https://www.exploit-db.com/exploits/33523 http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0252.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53281b6d34d44308372d16acb7fb5327609f68b6 http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html http://lock.cmpxchg8b.com/5ebe2294ecd0e0f08eab7690d2a6ee69/create_elf_tables.c http://secunia.com/advisories/38199 http://secunia.com/advisories/39033 http://support.avaya.com/css/P8/documents/10007 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2009-4538 – kernel: e1000e frame fragment issue
https://notcve.org/view.php?id=CVE-2009-4538
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537. drivers/net/e1000e/netdev.c en el driver e1000e en el kernel de Linux v2.6.32.3 y anteriores no comprueba adecuadamente el tamaño de una trama Ethernet que excede el MTU, lo que permite a atacantes remotos conseguir un impacto desconocido a través de paquetes manipulados, un hecho relacionado con CVE-2009-4537. • http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html http://secunia.com/advisories/38031 http://secunia&# •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2009-4536 – kernel: e1000 issue reported at 26c3
https://notcve.org/view.php?id=CVE-2009-4536
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385. drivers/net/e1000/e1000_main.c en el driver e1000 en el kernel de Linux v2.6.32.3 y anteriores gestiona tramas Ethernet que exceden el MTU procesando con retraso datos como si fuesen tramas completas, lo que permite a atacantes remotos evitar los filtros de paquete con un payload manipulado. NOTA: Esta vulnerabilidad existe debido a un arregle incorrecto de CVE-2009-1385. • http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.h • CWE-189: Numeric Errors •