Page 577 of 2995 results (0.027 seconds)

CVSS: 6.9EPSS: 0%CPEs: 252EXPL: 0

CVE-2010-1088 – kernel: fix LOOKUP_FOLLOW on automount "symlinks"

https://notcve.org/view.php?id=CVE-2010-1088

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW. fs/namei.c en Linux kernel desde v2.6.18 hasta v2.6.34, no siempre sigue los enlaces simbólicos de automontado NFS, lo que permite a atacantes producir un impacto desconocido, relacionado con LOOKUP_FOLLOW. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=ac278a9c505092dd82077a2446af8f9fc0d9c095 http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html http://secunia.com/advisories/39742 http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 http://www.debian.org/security/2010/dsa-2053 http://www.mandriva.com/security/advisories?name=MDVSA-2010:088 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.n •

CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2010-1085 – kernel: ALSA: hda-intel: Avoid divide by zero crash

https://notcve.org/view.php?id=CVE-2010-1085

The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service (crash) via unknown manipulations that trigger a divide-by-zero error. La funcion azx_position_ok en hda_intel.c en el kernel de Linux v2.6.33-rc4 y anteriores, cuando correo bajo un chipset AMD780V, permite a atacantes dependientes de contexto producir una denegación de servicio (caída) a través de manipulaciones desconocidas que inician un error de división por cero. • http://lkml.org/lkml/2010/2/5/322 http://nctritech.net/bugreport.txt http://secunia.com/advisories/39649 http://secunia.com/advisories/43315 http://support.avaya.com/css/P8/documents/100088287 http://support.avaya.com/css/P8/documents/100090459 http://www.openwall.com/lists/oss-security/2010/02/22/2 http://www.redhat.com/support/errata/RHSA-2010-0394.html http://www.redhat.com/support/errata/RHSA-2010-0398.html http://www.securityfocus.com/archive/1/516397&#x • CWE-189: Numeric Errors •

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2010-1087 – kernel: NFS: Fix an Oops when truncating a file

https://notcve.org/view.php?id=CVE-2010-1087

The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible. La funcion nfs_wait_on_request en fs/nfs/pagelist.c en Linux kernel desde v2.6.x hasta v2.6.33-rc5 permite a atacantes producir una denegación de servicio (OOPS) a través de vectores desconocidos relacionados con el truncado de un fichero y una operación que no se puede interrumpir. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=9f557cd8073104b39528794d44e129331ded649f http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://secunia.com/advisories/39830 http://secunia.com/advisories/40645 http://secunia.com/advisories/43315 http://www.debian.org/security/2010/dsa-2053 http://www.openwall.com/lists/oss-security/2010/03/03/1 http://www.securityfocus.com/archive/1/516397/100/0/threaded http://www. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2010-1086 – kernel: dvb-core: DoS bug in ULE decapsulation code

https://notcve.org/view.php?id=CVE-2010-1086

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE. La funcionalidad de descapsulación ULE en drivers/media/dvb/dvb-core/dvb_net.c en dvb-core en el kernel de Linux v2.6.33y anteriores permite a atacantes producir una denegación de servicio (bucle infinito) a través de un marco MPEG2-TS manipulado, relacionado con el payload de un puntero ULE no valido • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151d http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html http://secunia.com/advisories/39649 http://secunia.com/advisories/39742 http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 http://support.avaya.com/css/P8/documents/100088287 http://support.avaya.com/css/P8/documents/100090459 http://www.debian.org/security/2010/dsa-2053 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0

CVE-2010-1187 – kernel: tipc: Fix oops on send prior to entering networked mode

https://notcve.org/view.php?id=CVE-2010-1187

The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference. La Transparent Inter-Process Communication (TIPC) del kernel de Linux versiones 2.6.16-rc1 hasta 2.6.33, y posiblemente otras versiones, permite a los usuarios locales causar una denegación de servicio (OOPS de kernel) mediante el envío de datagramas por medio de AF_TIPC antes de entrar en modo de red, lo que desencadena una desreferencia de puntero NULL. • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commitdiff%3Bh=d0021b252eaf65ca07ed14f0d66425dd9ccab9a6%3Bhp=6d55cb91a0020ac0d78edcad61efd6c8cf5785a3 http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 http://www.debian.org/security/2010/dsa-2053 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.openwall.com/lists/oss-security/2010/03/30/1 http://www.openwall.com/lists/oss-security/2010/03/31/1 http://www.securityfocus.com/archive&# • CWE-476: NULL Pointer Dereference •