CVSS: 7.1EPSS: 0%CPEs: 166EXPL: 0CVE-2013-0313 – Ubuntu Security Notice USN-1767-1
https://notcve.org/view.php?id=CVE-2013-0313
22 Feb 2013 — The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an attempted removexattr operation on an inode of a sockfs filesystem. La función evm_update_evmxattr en security/integrity/evm/evm_crypto.c en el kernel de Linux anterior a v3.7.5, cuando el Extended Verificatio... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a67adb997419fb53540d4a4f79c6471c60bc69b6 •
CVSS: 7.5EPSS: 0%CPEs: 182EXPL: 0CVE-2012-4542 – kernel: block: default SCSI command filter does not accomodate commands overlap across device classes
https://notcve.org/view.php?id=CVE-2012-4542
21 Feb 2013 — block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes. block / scsi_ioctl.c en el kernel de Linux a través de v3,8 no tiene debidamente en cuenta la clase de dispositivo SCSI durante la autorización de los comandos SCSI, lo que permite a usuarios locales eludir restricciones de acceso destinados a travé... • http://marc.info/?l=linux-kernel&m=135903967015813&w=2 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 172EXPL: 0CVE-2013-0309 – kernel: mm: thp: pmd_present and PROT_NONE local DoS
https://notcve.org/view.php?id=CVE-2013-0309
21 Feb 2013 — arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application. arch/x86/include/asm/pgtable.h en el kernel de Linux anterior a v3.62, cuando se utilizan paginas transparentes de gran tamaño, no soportan correctamente regiones de memoria PROT_NONE, lo que permite a usuarios locales generar una denegación de servicio (caída ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=027ef6c87853b0a9df53175063028edb4950d476 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 162EXPL: 0CVE-2013-0311 – kernel: vhost: fix length for cross region descriptor
https://notcve.org/view.php?id=CVE-2013-0311
21 Feb 2013 — The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges. La función translate_desc en el kernel de Linux anterior a v3.7 no maneja correctamente descriptores cross-region, lo que permite a usuarios invitados del SO obtener privilegios del SO mediante el aprovechamiento de los privilegios KVM de invitado del SO. The rhev-hypervisor6 pack... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bd97120fc3d1a11f3124c7c9ba1d91f51829eb85 •
CVSS: 7.5EPSS: 0%CPEs: 128EXPL: 0CVE-2013-0310 – kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference
https://notcve.org/view.php?id=CVE-2013-0310
21 Feb 2013 — The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call. La función cipso_v4_validate en net/ipv4/cipso_ipv4.c en el kernel de Linux anterior a v3.4.8 permite a usuarios locales causar una denegación de servicio (referencia a NULL y caída de la aplicación) o posiblemente tener otro impacto n... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=89d7ae34cdda4195809a5a987f697a517a2a3177 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 171EXPL: 0CVE-2013-0290 – kernel: net: infinite loop in __skb_recv_datagram()
https://notcve.org/view.php?id=CVE-2013-0290
19 Feb 2013 — The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application. La función __skb_recv_datagram en net/core/datagram.c en el kernel Linux anterior a v3.8 no maneja adecuadamente la bandera con tamaño "zero-lenght", lo que permite a usuarios locales provocar una denegación de servicio (bucle infinito y cuelgue ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=77c1090f94d1b0b5186fb13a1b71b47b1343f87f • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 172EXPL: 2CVE-2012-5375 – Linux Kernel 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service
https://notcve.org/view.php?id=CVE-2012-5375
18 Feb 2013 — The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (prevention of file creation) by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with a specific CRC32C hash value. La característica CRC32C en la aplicación Btrfs en el kernel Linux 3.8-rc1 antes permite a usuarios locales provocar una denegación de servicio (prevención de la creación de archivos)... • https://www.exploit-db.com/exploits/38132 • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 171EXPL: 1CVE-2012-5374 – Ubuntu Security Notice USN-1947-1
https://notcve.org/view.php?id=CVE-2012-5374
18 Feb 2013 — The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value. La característica CRC32C en la aplicación Btrfs en el kernel Linux antes de v3.8-rc1 permite a usuarios locales provocar una denegación de servicio (tiempo de respaldo extendido de código del kernel) creando diferentes archivos cuyos nombres están asociad... • http://crypto.junod.info/2012/12/13/hash-dos-and-btrfs • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 170EXPL: 1CVE-2013-0216 – kernel: xen: Linux netback DoS via malicious guest ring.
https://notcve.org/view.php?id=CVE-2013-0216
18 Feb 2013 — The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. La funcionalidad Xen netback en el kernel de Linux anterior a v3.7.8 permite a usuarios invitados del OS generar una denegación de servicio (bucle) mediante una corrupción de puntero. Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=48856286b64e4b66ec62b94e504d0b29c1ade664 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 170EXPL: 0CVE-2013-0217 – Mandriva Linux Security Advisory 2013-176
https://notcve.org/view.php?id=CVE-2013-0217
18 Feb 2013 — Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions. Fuga de memoria (memory leaks) en drivers/net/xen-netback/netback.c en la funcionalidad Xen netback en el kernel de Linux anterior a v3.7.8 permite a usuarios invitados generar una denegación de servicio (corrupción de memoria) cuando se producen determinados errores de condición. And... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d5145d8eb2b9791533ffe4dc003b129b9696c48 • CWE-399: Resource Management Errors •