CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2011-2208
https://notcve.org/view.php?id=CVE-2011-2208
13 Jun 2012 — Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call. Error de signo de entero en la función osf_getdomainname de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha permite a usuarios locales obtener información sensible de la memoria del kernel a través de una llamada ... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2011-2210
https://notcve.org/view.php?id=CVE-2011-2210
13 Jun 2012 — The osf_getsysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform does not properly restrict the data size for GSI_GET_HWRPB operations, which allows local users to obtain sensitive information from kernel memory via a crafted call. La función osf_getsysinfo de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha no restringe apropiadamente el tamaño de datos de las operaciones GSI_GET_HWRPB, lo que pe... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2012-2375 – kernel: incomplete fix for CVE-2011-4131
https://notcve.org/view.php?id=CVE-2012-2375
13 Jun 2012 — The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131. La función __nfs4_get_acl_uncached de fs/nfs/nfs4proc.c de la implementación NFSv4 del kernel de Linux en versiones... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=20e0fa98b751facf9a1101edaefbc19c82616a68 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 1CVE-2012-2313 – kernel: unfiltered netdev rio_ioctl access by users
https://notcve.org/view.php?id=CVE-2012-2313
12 Jun 2012 — The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. La función rio_ioctl de drivers/net/ethernet/dlink/dl2k.c del kernel de Linux en versiones anteriores a la 3.3.7 no restringe el acceso al comando SIOCSMIIREG, lo que permite a usuarios locales escribir datos a un adaptador Ethernet a través de una llamada ioctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 1CVE-2012-2383 – kernel: drm/i915: integer overflow in i915_gem_execbuffer2()
https://notcve.org/view.php?id=CVE-2012-2383
12 Jun 2012 — Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. Desbordamiento de entero en la función i915_gem_execbuffer2 de drivers/gpu/drm/i915/i915_gem_execbuffer.c del subsistema Direct Rendering Manager (DRM) del kernel de Linux e... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ed8cd3b2cd61004cab85380c52b1817aca1ca49b • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2012-2384 – kernel: drm/i915: integer overflow in i915_gem_do_execbuffer()
https://notcve.org/view.php?id=CVE-2012-2384
12 Jun 2012 — Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. Desbordamiento de entero en la función i915_gem_do_execbuffer de drivers/gpu/drm/i915/i915_gem_execbuffer.c del subsistema Direct Rendering Manager (DRM) del kernel de Lin... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=44afb3a04391a74309d16180d1e4f8386fdfa745 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2012-2136 – kernel: net: insufficient data_len validation in sock_alloc_send_pskb()
https://notcve.org/view.php?id=CVE-2012-2136
29 May 2012 — The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device. La función sock_alloc_send_pskb en net/core/sock.c en el kernel de linux anterior a v3.4.5 no valida correctamente ciertos valores de longitud, permitiendo a usuarios locales causar una denegación de servi... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2707
https://notcve.org/view.php?id=CVE-2011-2707
24 May 2012 — The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request. La función ptrace_setxregs en ??arch/xtensa/kernel/ptrace.c en el kernel de Linux antes de v3.1 no valida los punteros de espacio de usuario, lo que permite a usuarios locales obtener información sensible de las posiciones de memoria del kernel a través de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0d0138ebe24b94065580bd2601f8bb7eb6152f56 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-4080 – kernel: sysctl: restrict write access to dmesg_restrict
https://notcve.org/view.php?id=CVE-2011-4080
24 May 2012 — The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAP_SYS_ADMIN capability to modify the dmesg_restrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as demonstrated by a root user in a Linux Containers (aka LXC) environment. La función sysrq_sysctl_handler en kernel/sysctl.c en el kernel de Linux antes de v2.6.39 no requiere la capacidad de CAP_SYS_ADMIN para mod... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-2906
https://notcve.org/view.php?id=CVE-2011-2906
24 May 2012 — Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size value in an ioctl call. NOTE: this may be a vulnerability only in unusual environments that provide a privileged program for obtaining the required file descriptor. ** DISPUTADA ** Error de signo de enteros en la función pmcraid_ioctl_passthrough en drivers/scsi/pmcraid.c ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5b515445f4f5a905c5dd27e6e682868ccd6c09d • CWE-400: Uncontrolled Resource Consumption •