CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 5CVE-2009-3621 – Linux Kernel 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service
https://notcve.org/view.php?id=CVE-2009-3621
22 Oct 2009 — net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. net/unix/af_unix.c en el kernel de Linux v2.6.31.4 y anteriores permite a usuarios locales causar una denegación de servicio (el servidor se bloquea) creando un socket abstract-namespace AF_UNIX y realizando una ope... • https://www.exploit-db.com/exploits/10022 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 337EXPL: 0CVE-2009-2909
https://notcve.org/view.php?id=CVE-2009-2909
20 Oct 2009 — Integer signedness error in the ax25_setsockopt function in net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service (OOPS) via a crafted optlen value in an SO_BINDTODEVICE operation. Error de presencia de signo entero en la función ax25_setsockopt en net/ax25/af_ax25.c en el subsistema ax25 en el kernel de Linux anteriores a 2.6.31.2 permite a usuarios locales producir una denegación de servicio (OOPS) a través de un valor "optlen" manipul... • http://article.gmane.org/gmane.linux.kernel/896907 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2009-2910 – kernel: x86_64 32 bit process register leak
https://notcve.org/view.php?id=CVE-2009-2910
20 Oct 2009 — arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode. arch/x86/ia32/ia32entry.S en el kernel de Linux anteriores a v2.6.31.4 en plataformas x86_64 no limpia adecuadamente ciertos registros del kernel antes de regresar al modo usuario, lo que permite a usuarios locales leer valores del registr... • http://git.kernel.org/?p=linux/kernel/git/x86/linux-2.6-tip.git%3Ba=commit%3Bh=24e35800cdc4350fc34e2bed37b608a9e13ab3b6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2009-3228 – kernel: tc: uninitialised kernel memory leak
https://notcve.org/view.php?id=CVE-2009-3228
19 Oct 2009 — The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. La función tc_fill_tclass en net/sched/sch_api.c del subsistema tc en el kernel de Linux v2.4.x anteriores a la v2.4.37.6 y v2.6.x anteriores a la v2.6.31-rc9 no inicializa un determinad... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git%3Ba=commit%3Bh=096ed17f20affc2db0e307658c69b67433992a7a • CWE-401: Missing Release of Memory after Effective Lifetime CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2009-3612 – kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
https://notcve.org/view.php?id=CVE-2009-3612
19 Oct 2009 — The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881. La función tcf_fill_node en net/sched/cls_api.c del subsistema netlink en el kernel de Linux v2.6.x hasta la v2.6.32-rc5, y v2.4.3... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad61df918c44316940404891d5082c63e79c256a • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 7%CPEs: 306EXPL: 4CVE-2009-3613 – Linux Kernel 2.6.x - '/drivers/net/r8169.c' Out-of-IOMMU Error Local Denial of Service
https://notcve.org/view.php?id=CVE-2009-3613
19 Oct 2009 — The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping. La funcionalidad swiotlb en el controlador r8169 en drivers/net/r8169.c en el núcleo de Linux anterior a v2.6.27.22 permite a atacantes remotos provocar una denegación de servicio (agotamiento de espacio en la Unidad ... • https://www.exploit-db.com/exploits/33289 • CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2009-2908 – kernel ecryptfs NULL pointer dereference
https://notcve.org/view.php?id=CVE-2009-2908
13 Oct 2009 — The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount. La función d_delete function en fs/ecryptfs/inode.c en eCryptfs en el kernel de Linux v2.6.31 permite a usuarios locales causar una denegación de servicio (kernel OOP... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.31.y.git%3Ba=commit%3Bh=afc2b6932f48f200736d3e36ad66fee0ec733136 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 3CVE-2009-3288
https://notcve.org/view.php?id=CVE-2009-3288
22 Sep 2009 — The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD. NOTE: this is only exploitable by users who can open the cdrom device. La función sg_build_indirect en drivers/scsi/sg.c en el kernel de linux v 2.6.28-rc1 a la v2.6.31-rc8 emplea una variable incorrecta cuando ... • http://lkml.org/lkml/2009/9/3/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2009-3290 – kernel: KVM: x86: Disallow hypercalls for guest callers in rings > 0
https://notcve.org/view.php?id=CVE-2009-3290
22 Sep 2009 — The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified "random addresses." La función kvm_emulate_hypercall en el archivo arch/x86/kvm/x86.c en KVM en el kernel de Linux versión 2.6.25-rc1 y otras versiones anterior... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=07708c4af1346ab1521b26a202f438366b7bcffd • CWE-399: Resource Management Errors CWE-648: Incorrect Use of Privileged APIs •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3280
https://notcve.org/view.php?id=CVE-2009-3280
21 Sep 2009 — Integer signedness error in the find_ie function in net/wireless/scan.c in the cfg80211 subsystem in the Linux kernel before 2.6.31.1-rc1 allows remote attackers to cause a denial of service (soft lockup) via malformed packets. Error de presencia de signo en entero en la función find_ie en net/wireless/scan.c en el subsistema cfg80211 del kernel de linux anterior a v2.6.31.1-rc1, permite a atacantes remotos provocar una denegación de servicio (cuelgue -soft lockup) a través de paquetes mal formados. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fcc6cb0c13555e78c2d47257b6d1b5e59b0c419a • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •