CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2010-3859 – kernel: tipc: heap overflow in tipc_msg_build()
https://notcve.org/view.php?id=CVE-2010-3859
Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in net/tipc/msg.c and the verify_iovec function in net/core/iovec.c. Múltiples errores de signo de entero en la implementación de TIPC en el kernel de Linux anteriores a v2.6.36.2 permite a usuarios locales conseguir privilegios a través de una llamada manipulada sendmsg que provoca un desbordamiento de búfer basado en memoria dinámica, relacionado con la función tipc_msg_build en net/tipc/msg.c y la función verify_iovec en net/core/iovec.c. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=253eacc070b114c2ec1f81b067d2fed7305467b0 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8acfe468b0384e834a303f08ebc4953d72fb690a http://marc.info/?l=linux-netdev&m=128770476511716&w=2 http://secunia.com/advisories/42789 http://secunia.com/advisories/42963 http://secunia.com/advisories/46397 http://www.debian.org/security/2010/dsa-2126 http://www.kernel.org/pub/linux/kernel/ • CWE-787: Out-of-bounds Write •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2010-3448 – kernel: thinkpad-acpi: lock down video output state access
https://notcve.org/view.php?id=CVE-2010-3448
drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 on ThinkPad devices, when the X.Org X server is used, does not properly restrict access to the video output control state, which allows local users to cause a denial of service (system hang) via a (1) read or (2) write operation. drivers/platform/x86/thinkpad_acpi.c en el kernel de Linux anterior a v2.6.34 en los dispositivos de ThinkPad, cuando el servidor de X, X.Org, se utiliza, no restringe correctamente el acceso al estado del control de salida de vídeo, lo que permite a usuarios locales causar una denegación de servicio (caída del sistema) a través de operaciones de (1) lectura o (2) escritura. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=565790 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b525c06cdbd8a3963f0173ccd23f9147d4c384b5 http://openwall.com/lists/oss-security/2010/06/23/2 http://openwall.com/lists/oss-security/2010/09/28/1 http://openwall.com/lists/oss-security/2010/09/29/7 http://openwall.com/lists/oss-security/2010/09/30/1 http://openwall.com/lists/oss-security/2010/09/30/6 http://www.debian.org& • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4076
https://notcve.org/view.php?id=CVE-2010-4076
The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. La función rs_ioctl de drivers/char/amiserial.c del kernel de Linux en versiones 2.6.36.1 y anteriores no inicializa apropiadamente un miembro de una determinada estructura, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila del kernel a través de una llamada ioctl TIOCGICOUNT. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d281da7ff6f70efca0553c288bb883e8605b3862 http://lkml.org/lkml/2010/9/15/389 http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 http://www.openwall.com/lists/oss-security/2010/10/07/1 http://www.openwall.com/lists/oss-security/2010/10/25/3 https://bugzilla.redhat.com/show_bug.cgi?id=648661 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 2CVE-2010-4077 – Linux Kenel 2.6.37-rc1 - serial_core TIOCGICOUNT Leak
https://notcve.org/view.php?id=CVE-2010-4077
The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. La función ntty_ioctl_tiocgicount de drivers/char/nozomi.c del kernel de Linux en versiones anteriores a la 2.6.36.1 y anteriores no inicializa apropiadamente un miembro de una determinada estructura, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila del kernel a través de una llamada ioctl TIOCGICOUNT. • https://www.exploit-db.com/exploits/16973 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d281da7ff6f70efca0553c288bb883e8605b3862 http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03387.html http://secunia.com/advisories/42890 http://securityreason.com/securityalert/8129 http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 http://www.openwall.com/lists/oss-security/2010/10/0 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 1.9EPSS: 0%CPEs: 7EXPL: 0CVE-2010-4074 – kernel: drivers/usb/serial/mos*.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4074
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c. El subsistema USB del kernel de Linux en versiones anteriores a la 2.6.36-rc5 no inicializa apropiadamente miembros de estructuras, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila del kernel a través de vectores relacionados con llamadas ioctl TIOCGICOUNT, y la (1) función mos7720_ioctl de drivers/usb/serial/mos7720.c y (2) mos7840_ioctl de drivers/usb/serial/mos7840.c. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a0846f1868b11cd827bdfeaf4527d8b1b1c0b098 http://lkml.org/lkml/2010/9/15/392 http://secunia.com/advisories/42890 http://www.debian.org/security/2010/dsa-2126 http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.36/ChangeLog-2.6.36-rc5 http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 http://www.openwall.com/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •