Page 580 of 2995 results (0.036 seconds)

CVSS: 10.0EPSS: 14%CPEs: 271EXPL: 0

CVE-2008-1673

https://notcve.org/view.php?id=CVE-2008-1673

The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. La implementación de asn1 en (a) el núcleo Linux 2.4 versiones anteriores a 2.4.36.6 y 2.6 versiones anteriores a 2.6.25.5, tal como lo utilizado en los módulos cifs y ip_nat_snmp_basic; y (b) el paquete gxsnmp; no valida apropiadamente la longitud de valores durante la decodificación de datos ASN.1 BER, lo cual permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código de su elección a través de (1) una longitud superior a la de trabajo del búfer, lo cual puede llevar a un desbordamiento no especificado; (2) una longitud oid a cero, lo cual puede llevar a un error off-by-one; o (3) una longitud indefinida de codificación primitiva. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=33afb8403f361919aa5c8fe1d0a4f5ddbfbbea3c http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ddb2c43594f22843e9f3153da151deaba1a834c5 http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.6 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5 http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.9EPSS: 0%CPEs: 304EXPL: 0

CVE-2008-1669 – kernel: add rcu_read_lock() to fcheck() in both dnotify, locks.c and fix fcntl store/load race in locks.c

https://notcve.org/view.php?id=CVE-2008-1669

Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table." El kernel de Linux en versiones posteriores a la 2.6.25.2, no aplica determinados mecanismos de protección para la funcionalidad fcntl, la cual permite a usuarios locales (1) ejecutar código en paralelo o (2) explotar una condición de carrera (race condition) para obtener un “acceso re-ordenado a la tabla descriptor” • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html http://lists.vmware.com/pipermail/security-announce/2008/000023.html http://secunia.com/advisories/30077 http://secunia.com/advisories/30101 http://secunia.com/advisories/30108 http://secunia.com/adv • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.8EPSS: 0%CPEs: 317EXPL: 0

CVE-2007-6694 – /proc/cpuinfo DoS on some ppc machines

https://notcve.org/view.php?id=CVE-2007-6694

The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference. La función chrp_show_cpuinfo (chrp/setup.c) en Linux kernel 2.4.21 hasta 2.6.18-53, cuando funciona sobre PowerPC, podría permitir a usuarios locales provocar denegación de servicio (caida) a través de vectores desconocidos que hacen que la función of_get_property falle, lo cual dispara un puntero de referencia NULL. • http://marc.info/?l=linux-kernel&m=119576191029571&w=2 http://rhn.redhat.com/errata/RHSA-2008-0055.html http://secunia.com/advisories/28696 http://secunia.com/advisories/28748 http://secunia.com/advisories/29058 http://secunia.com/advisories/29236 http://secunia.com/advisories/30018 http://secunia.com/advisories/30515 http://secunia.com/advisories/30769 http://www.debian.org/security/2008/dsa-1503 http://www.debian.org/security/2008/dsa-1504 http://www.debian&# • CWE-399: Resource Management Errors •

CVSS: 4.0EPSS: 0%CPEs: 191EXPL: 0

CVE-2007-5093 – kernel PWC driver DoS

https://notcve.org/view.php?id=CVE-2007-5093

The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device. El método disconnect en el controlador Philips USB Webcam (pwc) en Linux kernel 2.6.x anterior 2.6.22.6 "confía en espacio del usuario para cerrar el dispositivo" lo cual permite a un atacante local con la intervención del usuario provocar denegación de servicio (cuelgue del sistema USB y consumo de CPU en khubd) sin cerrar el dispositivo después de llamar a la desconexión. NOTA: esto cruza raramente límites de privilegio, a menos que el atacante los pueda convencer a la víctima que desenchufe el dispositivo afectado. • http://marc.info/?l=linux-kernel&m=118873457814808&w=2 http://marc.info/?l=linux-kernel&m=118880154122548&w=2 http://rhn.redhat.com/errata/RHSA-2008-0972.html http://secunia.com/advisories/26994 http://secunia.com/advisories/28170 http://secunia.com/advisories/28706 http://secunia.com/advisories/28971 http://secunia.com/advisories/29058 http://secunia.com/advisories/30294 http://secunia.com/advisories/32799 http://www.debian.org/security/2007/dsa-1381 http:/&# • CWE-399: Resource Management Errors •

CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0

CVE-2007-3945

https://notcve.org/view.php?id=CVE-2007-3945

Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes. Rule Set Based Access Control (RSBAC) anterior a 1.3.5 no utiliza de forma adecuada el API Crypto Linux Kernel del Linux kernel 2.6.x, el permite a atacantes dependientes del contexto evitar controles de autenticación a través de vectores no especificados, posiblemente afectando al hashing de la contraseña User Management y los códigos de retorno de la función unchecked. • http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt http://secunia.com/advisories/26147 http://securityreason.com/securityalert/2911 http://www.securityfocus.com/archive/1/474161/100/0/threaded http://www.securityfocus.com/bid/25001 http://www.vupen.com/english/advisories/2007/2610 •