CVSS: 5.5EPSS: 0%CPEs: 84EXPL: 0CVE-2011-4086 – kernel: jbd2: unmapped buffer with _Unwritten or _Delay flags set can lead to DoS
https://notcve.org/view.php?id=CVE-2011-4086
10 Feb 2012 — The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal. La función journal_unmap_buffer en fs/jbd2/transaction.c en el kernel de linux anterior a v3.3.1 no maneja correctamente el "buffer head states" _Delay y _Unwritten, permitiendo a usuarios locales c... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=15291164b22a357cb211b618adfef4fa82fc0de3 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2012-0038 – kernel: xfs heap overflow
https://notcve.org/view.php?id=CVE-2012-0038
07 Feb 2012 — Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow. Desbordamiento de entero en la función xfs_acl_from_disk en fs/xfs/xfs_acl.c en el núcleo de Linux anterior a v3.1.9 que permite a usuarios locales causar una denegación de servicio (panic) a través del sistema de ficheros con una lista ACL mal construida, dando lugar a u... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=093019cf1b18dd31b2c3b77acce4e000e2cbc9ce • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-0044 – kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()
https://notcve.org/view.php?id=CVE-2012-0044
24 Jan 2012 — Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call. Un desbordamiento de entero en la función de drm_mode_dirtyfb_ioctl en drivers/gpu/drm/ drm_crtc.c en el subsistema "Direct Rendering Manager" (DRM) en el kernel de Linux en versiones anteriores a la v3.1.5 permite a usuarios locale... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a5cd335165e31db9dbab636fd29895d41da55dd2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 4CVE-2012-0056 – Linux Kernel 2.6.39 < 3.2.2 (x86/x64) - 'Mempodipper' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2012-0056
23 Jan 2012 — The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 2CVE-2012-0207 – Linux Kernel 2.6.36 IGMP - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2012-0207
18 Jan 2012 — The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets. La función de igmp_heard_query net/ipv4/igmp.c en el kernel de Linux en versiones anteriores a la v3.2.1 permite a atacantes remotos causar una denegación de servicio (error de división por cero y el "kernel panic") a través de paquetes IGMP. • https://www.exploit-db.com/exploits/18378 • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-4611 – kernel: perf, powerpc: Handle events that raise an exception without overflowing
https://notcve.org/view.php?id=CVE-2011-4611
16 Jan 2012 — Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhandled performance monitor exception) via vectors that trigger certain outcomes of performance events. Desbordamiento de entero en la función perf_event_interrupt en arch/powerpc/kernel/perf_event.c en el núcleo de Linux anteriores a v2.6.39 en plataformas powerpc que permite a usuarios locales causar una denegaci... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 1CVE-2011-4914
https://notcve.org/view.php?id=CVE-2011-4914
16 Jan 2012 — The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket. La implementación del protocolo ROSE en el kernel de Linux anteriores a v2.6.39 no verifica que algunos valores de la longitud de datos son consistentes con la cantidad de datos env... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3637 – kernel: proc: fix oops on invalid /proc/<pid>/maps access
https://notcve.org/view.php?id=CVE-2011-3637
11 Jan 2012 — The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error. La función m_stop en fs/proc/task_mmu.c en el kernel de Linux antes de v2.6.39 permite a usuarios locales provocar una denegación de servicio a través de vectores que provocan un error m_start. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-476: NULL Pointer Dereference •
CVSS: 7.4EPSS: 0%CPEs: 59EXPL: 2CVE-2011-4127 – kernel: possible privilege escalation via SG_IO ioctl
https://notcve.org/view.php?id=CVE-2011-4127
22 Dec 2011 — The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume. El kernel de Linux anterior a v3.2.2 no restringe adecuadamente llamadas SG_IO ioctl, permitiendo a usuarios locales eludir restricciones de lectura y escritura en disco mediante el envío de un comando SCSI a (1) un dispositivo de bloques de particiones o (2) un vo... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0bfc96cb77224736dfa35c3c555d37b3646ef35e • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-4087
https://notcve.org/view.php?id=CVE-2011-4087
08 Dec 2011 — The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an Ethernet bridge device. La función br_parse_ip_options en net/bridge/br_netfilter.c de los kernel Linux anteriores a v2.6.39 no inicia adecuadamente cierta estructura de datos, permitiendo que atacantes remotos provoquen denegaciones de se... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-665: Improper Initialization •