Page 582 of 3772 results (0.019 seconds)

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1

A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet. Cierto parche Red Hat para la función sctp_sock_migrate en net/sctp/socket.c en el Linux Kernel anterior a v2.6.21, como se utilizaba en Red Hat Enterprise Linux (RHEL) 5, permite a atacantes remotos causar una denegación de servicio (Null pointer dereference y OOPS) mediante un paquete SCTP. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d http://rhn.redhat.com/errata/RHSA-2011-1212.html http://www.openwall.com/lists/oss-security/2011/08/30/1 https://bugzilla.redhat.com/show_bug.cgi?id=714867 https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d https://access.redhat.com/security/cve/CVE-2011-2482 • CWE-476: NULL Pointer Dereference •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960. La función key_replace_session_keyring en security/keys/process_keys.c en el kernel de Linux anterior a v2.6.39.1 no inicializa un determinado miembro de una 'struct', lo que permite a usuarios locales causar una denegación de servicio (puntero a NULL y OOPS) o posiblemente tener un impacto no especificado a través del argumento KEYCTL_SESSION_TO_PARENT a la función keyctl. Se trata de una vulnerabilidad diferente a CVE-2010-2960. • http://alt.swiecki.net/linux_kernel/sys_open-kmem_cache_alloc-2.6.39-rc4.txt http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f7285b5d631fd6096b11c6af0058ed3a2b30ef4e http://securityreason.com/securityalert/8371 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.1 http://www.openwall.com/lists/oss-security/2011/06/03/2 http://www.openwall.com/lists/oss-security/2011/06/06/2 https://lkml.org/lkml/2011/5/23/199 https:&#x • CWE-476: NULL Pointer Dereference •

CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0

The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic. La función skb_gro_header_slow en includelinuxnetdevice.h en kernel de Linux anteriores a v2.6.39.4, cuando está activada la opción Generic Receive Offload (GRO), reinicia ciertos campos en situaciones incorrectas, lo que permite producir una denegación de servicio (caída del sistema) mediante una tráfico de red manipulado. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=17dd759c67f21e34f2156abcf415e1f60605a188 http://marc.info/?l=bugtraq&m=139447903326211&w=2 http://openwall.com/lists/oss-security/2011/07/28/13 http://openwall.com/lists/oss-security/2011/07/29/1 http://securitytracker.com/id?1025876 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 http://www.redhat.com/support/errata/RHSA-2011-1321.html http://www.securityfocus.com/bid&# • CWE-20: Improper Input Validation •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1

Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls operation with a (1) V4L2_CID_RDS_TX_PS_NAME or (2) V4L2_CID_RDS_TX_RADIO_TEXT control ID. Múltiples desbordamientos de búfer en la anteriores a v2.6.39.4 en la plataforma N900, permite a atacantes remotos provocar una denegación de servicio u otro impacto no determinado a través de operaciones s_ext_ctrls manipuladas con un control ID V4L2_CID_RDS_TX_PS_NAME o (2) V4L2_CID_RDS_TX_RADIO_TEXT • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dc6b845044ccb7e9e6f3b7e71bd179b3cf0223b6 http://openwall.com/lists/oss-security/2011/07/20/4 http://openwall.com/lists/oss-security/2011/07/20/6 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 http://www.securityfocus.com/bid/48804 http://xorl.wordpress.com/2011/07/24/cve-2011-2700-linux-kernel-si4713-i2c-buffer-overflow • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application. El subsistema Performance Events en el kernel de Linux antes de v3.1 no trata correctamente los desbordamientos de eventos asociados con eventos PERF_COUNT_SW_CPU_CLOCK, lo que permite a usuarios locales causar una denegación de servicio (bloqueo del sistema) a través de una aplicación modificada. • https://www.exploit-db.com/exploits/17769 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.openwall.com/lists/oss-security/2011/08/16/1 https://bugzilla.redhat.com/show_bug.cgi?id=730706 https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233 https://access.redhat.com/security/cve/CVE-2011-2918 • CWE-400: Uncontrolled Resource Consumption •