Page 552 of 2995 results (0.026 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer. Error de índice de array en la función asihpi_hpi_ioctl de sound/pci/asihpi/hpioctl.c del controlador AudioScience HPI del kernel de Linux en versiones anteriores a 2.6.38.1. Puede permitir a usuarios locales provocar una denegación de servicio (corrupción de memoria) o posiblemente escalar privilegios a través de un valor de índice de adaptador modificado que provoca el acceso a un puntero del kernel inválido. • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=4a122c10fbfe9020df469f0f669da129c5757671 http://openwall.com/lists/oss-security/2011/03/18/1 http://openwall.com/lists/oss-security/2011/03/18/2 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.1 https://bugzilla.redhat.com/show_bug.cgi?id=688898 • CWE-129: Improper Validation of Array Index •

CVSS: 7.2EPSS: 0%CPEs: 666EXPL: 0

Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow. Desbordamiento de entero en la función _ctl_do_mpt_command en drivers/scsi/mpt2sas/mpt2sas_ctl.c en el kernel de Linux v2.6.38 y anteriores puede permitir a usuarios locales ganar privilegios o causar una denegación de servicio (corrupción de memoria) a través de una llamada ioctl especificando un valor manipulado provocando un desbordamiento de búfer basado en heap. • http://downloads.avaya.com/css/P8/documents/100145416 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://lkml.org/lkml/2011/4/5/327 http://openwall.com/lists/oss-security/2011/04/05/32 http://openwall.com/lists/oss-security/2011/04/06/2 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://secunia.com/advisories/46397 http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/47185 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •

CVSS: 7.2EPSS: 0%CPEs: 666EXPL: 0

drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. drivers/scsi/mpt2sas/mpt2sas_ctl.c en el kernel de Linux v2.6.38 y anteriores no valida (1) la longitud y (2) los valores de desplazamiento (el 'offset') antes de realizar operaciones de copia de memoria, lo que podría permitir a usuarios locales conseguir privilegios, provocar una denegación de servicio (por corrupción de memoria), u obtener información sensible de la memoria del kernel a través de una llamada ioctl debidamente modificada a través de las funciones _ctl_do_mpt_command y _ctl_diag_read_buffer. • http://downloads.avaya.com/css/P8/documents/100145416 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://lkml.org/lkml/2011/4/5/327 http://openwall.com/lists/oss-security/2011/04/05/32 http://openwall.com/lists/oss-security/2011/04/06/2 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://secunia.com/advisories/46397 http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/47185 http: • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.9EPSS: 0%CPEs: 666EXPL: 0

Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media. Desbordamiento de búfer basado en memoria dinámica en la función is_gpt_valid en fs/partitions/efi.c en el kernel de Linux v2.6.38 y anteriores, permite a atacantes físicamente próximos causar una denegación de servicio (OOPS) o posiblemente tener un impacto no especificado a través de un tamaño manipulado de la cabecera de partición EFI GUID en un medio extraíble. • http://downloads.avaya.com/css/P8/documents/100145416 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html http://openwall.com/lists/oss-security/2011/04/12/17 http://openwall.com/lists/oss-security/2011/04/13/1 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://securityreason.com/securityalert/8238 http://securitytracker.com/id?1025355 http://www.securityfocus.com/archive/1/517477/100/0/threaded http://www.securityfocus.com/bid/47343 http:& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 2

The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain potentially sensitive information from uninitialized disk locations by reading a file. La función ocfs2_prepare_page_for_write en fs/ocfs2/aops.c en el subsistema Oracle Cluster File System 2 (OCFS2) en el Kernel de Linux anterior a v2.6.39-rc1 no maneja correctamente los canales que cruzan los límites de página, permitiendo a usuarios locales obtener información sensible desde distintos puntos del disco sin inicializar mediante la lectura de un archivo. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=272b62c1f0f6f742046e45b50b6fec98860208a0 http://oss.oracle.com/pipermail/ocfs2-devel/2011-February/007846.html http://secunia.com/advisories/43966 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.39-rc1 http://www.ubuntu.com/usn/USN-1146-1 https://bugzilla.novell.com/show_bug.cgi?id=673037 • CWE-20: Improper Input Validation •