Page 561 of 3772 results (0.026 seconds)

CVSS: 4.9EPSS: 0%CPEs: 126EXPL: 0

CVE-2012-4398 – kernel: request_module() OOM local DoS

https://notcve.org/view.php?id=CVE-2012-4398

The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application. La función __request_module en kernel/kmod.c en el kernel de Linux anterior a v3.4 no establece un atributo "killable", lo que permite a usuarios locales provocar una denegación de servicio (consumo de memoria) a través de una aplicación especialmente diseñada. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lkml.indiana.edu/hypermail/linux/kernel/1202.0/03340.html http://rhn.redhat.com/errata/RHSA-2013-0223.html http://rhn.redhat.com/errata/RHSA-2013-1348.html http://secunia.com/advisories/55077 http://www.kernel.org/pub/linux/kernel/v3.x/linux-3.4.tar.bz2 http://www.openwall.com/lists/oss-security/2012/09/02/3 h • CWE-20: Improper Input Validation •

CVSS: 2.1EPSS: 0%CPEs: 43EXPL: 2

CVE-2012-3430 – Linux Kernel 2.6.x - 'rds_recvmsg()' Local Information Disclosure

https://notcve.org/view.php?id=CVE-2012-3430

The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket. La función rds_recvmsg en net/rds/recv.c en el Kernell de Linux anteriores a v3.0.44 no inicializa el cierto miembro de la estructura, lo que permite a usuarios locales a obtener información potencialmente sensible de la pila de memoria del kernel a través de (1) recvfrom o (2) llamada a sistema recvmsg en un socket RDS. • https://www.exploit-db.com/exploits/37543 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=06b6a1cf6e776426766298d055bb3991957d90a7 http://rhn.redhat.com/errata/RHSA-2012-1323.html http://secunia.com/advisories/50633 http://secunia.com/advisories/50732 http://secunia.com/advisories/50811 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44 http://www.openwall.com/lists/oss-security/2012/07/26/5 http://www.ubuntu.com/usn/USN- • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.2EPSS: 0%CPEs: 104EXPL: 1

CVE-2012-3511 – kernel: mm: use-after-free in madvise_remove()

https://notcve.org/view.php?id=CVE-2012-3511

Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call. Múltiples vulnerabilidades de condición de carrera en la función madvise_remove en el kernel Linux antes de v3.4.5, permite a usuarios locales causar una denegación de servicio (uso después de liberación y caída del sistema) a través de vectores que implican (1) munmap o (2) llamada de cierre de sistema. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb http://secunia.com/advisories/50633 http://secunia.com/advisories/50732 http://secunia.com/advisories/55055 http://ubuntu.com/usn/usn-1529-1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5 http://www.openwall.com/lists/oss-security/2012/08/20/13 http://www.securityfocus.com/bid/55151 http://www.ubuntu.com/usn/USN-1567-1 http:/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 7.8EPSS: 8%CPEs: 8EXPL: 1

CVE-2012-3412 – kernel: sfc: potential remote denial of service through TCP MSS option

https://notcve.org/view.php?id=CVE-2012-3412

The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value. El controlador sfc (también conocido como Solarflare Solarstorm) en el Kernel de Linux anteriores a v3.2.30 permite a atacantes remotos provocar una denegación de servicio (consumo de descriptor de DMA y fallo del controlador de red) a través de paquetes TCP manipulados que provocan valores MSS pequeños. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00005.html http://rhn.redhat.com/errata/RHSA-2012-1323.html http://rhn.redhat.com/errata/RHSA-2012-1324.html http://rhn.redhat.com/errata/RHSA-2012-1347.html http://rhn.redhat.com/errata/RHSA-2012-1375.html http://rhn.redhat.com/errata/RHSA-2012-1401.html http://rhn.redhat.com/errata/RHSA-2012-1430.html http://secunia.com/advisories/50633 http://secunia.com/advisories/50732 http://secunia.com/advisori • CWE-189: Numeric Errors CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.6EPSS: 2%CPEs: 6EXPL: 1

CVE-2012-3400 – kernel: udf: buffer overflow when parsing sparing table

https://notcve.org/view.php?id=CVE-2012-3400

Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem. Desbordamiento de búfer basado en memoria dinámica en la función udf_load_logicalvol en fs/udf/super.c en el Kernel de Linux anteriores a v3.4.5, permite a atacantes remotos causar una denegación de servicio (caída del sistema) o posiblemente tener otro impacto no especificado a través de sistemas de ficheros UDF manipulados. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1df2ae31c724e57be9d7ac00d78db8a5dabdd050 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=adee11b2085bee90bd8f4f52123ffb07882d6256 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://rhn.redhat.com/errata/RHSA-2013-0594.html http://secunia.com/advisories/50506 http://ubuntu.com/usn/usn-1529-1 • CWE-787: Out-of-bounds Write •