CVSS: 4.0EPSS: 0%CPEs: 171EXPL: 1CVE-2012-5374
https://notcve.org/view.php?id=CVE-2012-5374
The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value. La característica CRC32C en la aplicación Btrfs en el kernel Linux antes de v3.8-rc1 permite a usuarios locales provocar una denegación de servicio (tiempo de respaldo extendido de código del kernel) creando diferentes archivos cuyos nombres están asociados con el valor hash CRC32C mismo. • http://crypto.junod.info/2012/12/13/hash-dos-and-btrfs http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9c52057c698fb96f8f07e7a4bcf4801a092bda89 http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html http://openwall.com/lists/oss-security/2012/12/13/20 http://www.kernel.org/pub/linux/kernel/v3.x/testing/patch-3.8-rc1.bz2 http://www.ubuntu.com/usn/USN-1944-1 http://www.ubuntu.com/usn/USN-1945-1 http://www.u • CWE-310: Cryptographic Issues •
CVSS: 6.2EPSS: 0%CPEs: 167EXPL: 1CVE-2013-0268 – Linux Kernel 3.7.6 (RedHat x86/x64) - 'MSR' Driver Privilege Escalation
https://notcve.org/view.php?id=CVE-2013-0268
The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c. La funcion msr_open en arch/x86/kernel/msr.c en el kernel de Linux anterior a v3.7.6 permite a usuarios locales eludir las capacidades de restricción mediante la ejecución de una aplicación manipulada como root, como se demostró con msr32.c. • https://www.exploit-db.com/exploits/27297 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c903f0456bc69176912dee6dd25c6a66ee1aed00 http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.6 http://www.openwall.com/lists/oss-security/2013/02/07/12 https://bugzilla.redhat.com/show_bug.cgi?id=908693 http • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.2EPSS: 0%CPEs: 170EXPL: 1CVE-2013-0216 – kernel: xen: Linux netback DoS via malicious guest ring.
https://notcve.org/view.php?id=CVE-2013-0216
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. La funcionalidad Xen netback en el kernel de Linux anterior a v3.7.8 permite a usuarios invitados del OS generar una denegación de servicio (bucle) mediante una corrupción de puntero. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=48856286b64e4b66ec62b94e504d0b29c1ade664 http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.8 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://www.openwall.com/li • CWE-20: Improper Input Validation •
CVSS: 5.2EPSS: 0%CPEs: 170EXPL: 0CVE-2013-0217
https://notcve.org/view.php?id=CVE-2013-0217
Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions. Fuga de memoria (memory leaks) en drivers/net/xen-netback/netback.c en la funcionalidad Xen netback en el kernel de Linux anterior a v3.7.8 permite a usuarios invitados generar una denegación de servicio (corrupción de memoria) cuando se producen determinados errores de condición. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d5145d8eb2b9791533ffe4dc003b129b9696c48 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.8 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://www.openwall.com/lists/oss-security/2013/02/05/12 https://bugzilla.redhat.com/show_bug.cgi?id=910883 https://github.com/torvalds/linux/commit/7d5145d8eb2b9791533ffe4dc003b129b9696c48 • CWE-399: Resource Management Errors •
CVSS: 5.2EPSS: 0%CPEs: 11EXPL: 0CVE-2013-0231 – kernel: xen: pciback DoS via not rate limited log messages
https://notcve.org/view.php?id=CVE-2013-0231
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information. La función pciback_enable_msi en el controlador PCI backend (drivers/xen/pciback/conf_space_capability_msi.c) en Xen para Linux kernel v2.6.18 y v3.8, permite que los usuarios de los sistemas operativos huésped (guest) puedan provocar una denegación de servicio a través de un número elevado de mensajes de log del kernel. NOTA: algunos de estos detalles han sido obtenidos a partir de información de terceros. • http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://osvdb.org/89903 http://secunia.com/advisories/52059 http://www.debian.org/security/2013/dsa-2632 http://www.openwall.com/lists/oss-security/2013/02/05/9 http://www.securityfocus.com/bid/57740 https://exchange.xforce.ibmcloud.com/vulnerabilities/81923 https& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •