CVSS: 7.8EPSS: 2%CPEs: 6EXPL: 1CVE-2011-0709
https://notcve.org/view.php?id=CVE-2011-0709
18 Feb 2011 — The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table. La función br_mdb_ip_get en net/bridge/ br_multicast.c en el kernel de Linux antes de v2.6.35-rc5 permite a atacantes remotos provocar una denegación de servicio (desreferencia a puntero nulo y caída del sistema) a través de un paquete IGMP, en relación con la fa... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7f285fa78d4b81b8458f05e77fb6b46245121b4e • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2011-1044 – kernel: IB/uverbs: Handle large number of entries in poll CQ
https://notcve.org/view.php?id=CVE-2011-1044
18 Feb 2011 — The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649. La función ib_uverbs_poll_cq en drivers/InfiniBand/core/uverbs_cmd.c en el kernel de Linux antes de v2.6.37 no inicializa determinado buffer de respuesta, lo que ... • https://packetstorm.news/files/id/105078 • CWE-909: Missing Initialization of Resource •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2010-4656 – kernel: iowarrior usb device heap overflow
https://notcve.org/view.php?id=CVE-2010-4656
31 Jan 2011 — The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report. La función iowarrior_write en drivers/usb/misc/iowarrior.c en el kernel Linux anterior a v2.6.37 no asigna memoria adecuadamente, lo que permite a usuarios locales desencadenar un desbordamiento de búfer basado en memoria dinámic... • https://packetstorm.news/files/id/105078 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2010-4649 – kernel: IB/uverbs: Handle large number of entries in poll CQ
https://notcve.org/view.php?id=CVE-2010-4649
31 Jan 2011 — Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member. Desbordamiento de enteros en la función ib_uverbs_poll_cq en drivers/InfiniBand/core/uverbs_cmd.c en el kernel de Linux antes de v2.6.37 permite a usuarios locales causar una denegación de servicio (corrupción de memoria) o posi... • https://packetstorm.news/files/id/105078 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 1CVE-2011-0521 – kernel: av7110 negative array offset
https://notcve.org/view.php?id=CVE-2011-0521
31 Jan 2011 — The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. La función dvb_ca_ioctl function en drivers/media/dvb/ttpci/av7110_ca.c para el kernel Linux anterior a v2.6.38-rc2 no comprueba el signo de un campo entero determinado, lo que permite a usuarios locales causar una dene... • https://packetstorm.news/files/id/105078 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2010-4256 – Ubuntu Security Notice USN-1202-1
https://notcve.org/view.php?id=CVE-2010-4256
25 Jan 2011 — The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 does not properly determine whether a file is a named pipe, which allows local users to cause a denial of service via an F_SETPIPE_SZ fcntl call. La función pipe_fcntl en fs/pipe.c en el kernel de Linux anteriores a v2.6.37 no determinar correctamente si un archivo es una tubería (pipe) con nombre, que permite a usuarios locales causar una denegación de servicio a través de una llamada F_SETPIPE_SZ fcntl. Dan Rosenberg discovered that th... • https://packetstorm.news/files/id/105078 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2010-4238 – kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV
https://notcve.org/view.php?id=CVE-2010-4238
22 Jan 2011 — The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information. La función vbd_create de Xen 3.1.2, cuando el kernel de Linux 2.6.18 de Red Hat Enterprise Linux (RHEL) 5 es utilizado, permite a usuarios del SO invitados provocar una denegación de... • http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 3CVE-2010-4243 – Linux Kernel 2.6.37 - 'setup_arg_pages()' Denial of Service
https://notcve.org/view.php?id=CVE-2010-4243
22 Jan 2011 — fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and (2) environment, which allows local users to cause a denial of service (memory consumption) via a crafted exec system call, aka an "OOM dodging issue," a related issue to CVE-2010-3858. fs/exec.c del kernel de Linux en versiones anteriores a la 2.6.37 no habilita el "OOM Killer" para evaluar el uso de la memoria de pila por los arrays de los (1) argumentos y (... • https://packetstorm.news/files/id/105078 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.9EPSS: 5%CPEs: 24EXPL: 4CVE-2010-4263 – kernel: igb panics when receiving tag vlan packet
https://notcve.org/view.php?id=CVE-2010-4263
18 Jan 2011 — The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame. La función igb_receive_skb de drivers/net/igb/igb_main.c en el subsistema Intel Gigabit Ethernet (igb) ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=31b24b955c3ebbb6f3008a6374e61cf7c05a193c • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 206EXPL: 1CVE-2010-3086 – kernel panic via futex
https://notcve.org/view.php?id=CVE-2010-3086
14 Jan 2011 — include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not properly implement exception fixup, which allows local users to cause a denial of service (panic) via an invalid application that triggers a page fault. include/asm-x86/futex.h en el kernel de Linux anterior a v2.6.25 no aplica adecuadamente corrección de excepciones, lo que permite a usuarios locales causar una denegación de servicio (mediante un 'panic') a través de una solicitud válida que provoca un fallo de página. Tavis Ormandy discove... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9d55b9923a1b7ea8193b8875c57ec940dc2ff027 •