CVSS: 7.5EPSS: 2%CPEs: 17EXPL: 1CVE-2011-1493
https://notcve.org/view.php?id=CVE-2011-1493
Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that specifies a large number of digipeaters, and then sending this data to a ROSE socket. Un error de indice de array en la función rose_parse_national en net/rose/rose_subr.c en versiones del kernel de Linux anteriores a v2.6.39 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria dinámica) o posiblemente tener un impacto no especificado mediante la composición de datos FAC_NATIONAL_DIGIS que especifican un gran número de 'digipeaters', y luego envian datos a un socket de 'ROSE'. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=be20250c13f88375345ad99950190685eda51eb8 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://www.openwall.com/lists/oss-security/2011/04/05/19 https://bugzilla.redhat.com/show_bug.cgi?id=770777 https://github.com/torvalds/linux/commit/be20250c13f88375345ad99950190685eda51eb8 •
CVSS: 2.1EPSS: 0%CPEs: 17EXPL: 1CVE-2011-1160 – kernel: tpm infoleaks
https://notcve.org/view.php?id=CVE-2011-1160
The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors. La función de tpm_open en drivers/char/tpm/tpm.c en el kernel de Linux anteriores a v2.6.39 no se inicializa un búfer concreto, lo que permite a usuarios locales obtener información sensible de la memoria del kernel a través de vectores no especificados. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1309d7afbed112f0e8e90be9af975550caa0076b http://www.openwall.com/lists/oss-security/2011/03/15/13 https://bugzilla.redhat.com/show_bug.cgi?id=684671 https://github.com/torvalds/linux/commit/1309d7afbed112f0e8e90be9af975550caa0076b https://access.redhat.com/security/cve/CVE-2011-1160 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.1EPSS: 0%CPEs: 674EXPL: 0CVE-2011-1171 – kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace
https://notcve.org/view.php?id=CVE-2011-1171
net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process. net/ipv4/netfilter/ip_tables.c en la implementación de IPv4 en el kernel de Linux antes de v2.6.39 no coloca el caracter esperado '\ 0' al final de la cadena de datos en los valores de una estructura de miembros, lo que permite a usuarios locales obtener información sensible de la memoria del kernel mediante el aprovechamiento de la capacidad CAP_NET_ADMIN para emitir una petición manipulada, y leer el argumento del proceso modprobe resultante. • http://downloads.avaya.com/css/P8/documents/100145416 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=78b79876761b86653df89c48a7010b5cbd41a84a http://marc.info/?l=linux-kernel&m=129978077609894&w=2 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://securityreason.com/securityalert/8278 http://securityreason.com/securityalert/8283 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://www.openwall.com/lists/oss-security/2011/03/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2011-1477
https://notcve.org/view.php?id=CVE-2011-1477
Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer. Múltiples errores de índice de matriz en sound/oss/opl3.c en versiones del kernel de Linux anteriores a v2.6.39 permiten a usuarios locales provocar una denegación de servicio (corrupción de memoria dinámica) o posiblemente obtener privilegios mediante el aprovechamiento del acceso de escritura a /dev/sequencer. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4d00135a680727f6c3be78f8befaac009030e4df http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://www.openwall.com/lists/oss-security/2011/03/25/1 https://github.com/torvalds/linux/commit/4d00135a680727f6c3be78f8befaac009030e4df • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.6EPSS: 0%CPEs: 7EXPL: 1CVE-2011-1182 – kernel signal spoofing issue
https://notcve.org/view.php?id=CVE-2011-1182
kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call. kernel/signal.c en Linux kernel anterior a v2.6.39 permite a usuarios locales falsear el "uid" y el "pid" a través de un envío de señal de una llamada del sistema "sigqueueinfo". • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=da48524eb20662618854bb3df2db01fc65f3070c http://rhn.redhat.com/errata/RHSA-2011-0927.html http://www.openwall.com/lists/oss-security/2011/03/23/2 https://bugzilla.redhat.com/show_bug.cgi?id=690028 https://github.com/torvalds/linux/commit/da48524eb20662618854bb3df2db01fc65f3070c https://access.redhat.com/security/cve/CVE-2011-1182 •