CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2010-4175 – Ubuntu Security Notice USN-1089-1
https://notcve.org/view.php?id=CVE-2010-4175
11 Jan 2011 — Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) in Linux kernel 2.6.35 allows local users to cause a denial of service (crash) and possibly trigger memory corruption via a crafted Reliable Datagram Sockets (RDS) request, a different vulnerability than CVE-2010-3865. Desbordamiento de entero en la función rds_cmsg_rdma_args (net/rds/rdma.c) del kernel de Linux 2.6.35. Permite a usuarios locales provocar una denegación de servicio (caída) y posiblemente una corrupción de memoria a través ... • https://packetstorm.news/files/id/105078 • CWE-189: Numeric Errors •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2010-4247 – xen: request-processing loop is unbounded in blkback
https://notcve.org/view.php?id=CVE-2010-4247
11 Jan 2011 — The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information. La función do_block_io_op en (1) ldrivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blkt... • http://secunia.com/advisories/35093 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 2%CPEs: 8EXPL: 0CVE-2010-4526 – kernel: sctp: a race between ICMP protocol unreachable and connect()
https://notcve.org/view.php?id=CVE-2010-4526
11 Jan 2011 — Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. Condición de carrera en el kernel de Linux 2.6.11-rc2 hasta 2.6.33. Permite a atacantes remotos provocar una denegación de servicio (kernel... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=50b5d6ad63821cea324a5a7a19854d4de1a0a819 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2010-4242 – kernel: missing tty ops write function presence check in hci_uart_tty_open()
https://notcve.org/view.php?id=CVE-2010-4242
11 Jan 2011 — The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service (NULL pointer dereference) via vectors related to the Bluetooth driver. La función hci_uart_tty_open del controlador HCI UART (drivers/bluetooth/hci_ldisc.c) del kernel de Linux 2.6.36, y posiblemente otras versiones, no verifica si el tty tiene una operación ... • https://packetstorm.news/files/id/105078 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 2CVE-2010-4160 – kernel: L2TP send buffer allocation size overflows
https://notcve.org/view.php?id=CVE-2010-4160
07 Jan 2011 — Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption and panic) or possibly gain privileges via a crafted sendto call. Múltiples desbordamientos de entero en las funciones (1) pppol2tp_sendmsg de net/l2tp/l2tp_ppp.c, y (2) l2tp_ip_sendmsg de net/l2tp/l2tp_ip.c, en l... • https://packetstorm.news/files/id/105078 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2010-4162 – kernel: bio: integer overflow page count when mapping/copying user data
https://notcve.org/view.php?id=CVE-2010-4162
03 Jan 2011 — Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device. Múltiples desbordamientos de entero en fs/bio.c en el kernel de Linux anterior a v2.6.36.2 permite a usuarios locales causar una denegación de servicio (fallo del sistema) a través de un dispositivo ioctl manipulado a un dispositivo SCSI. Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structu... • https://packetstorm.news/files/id/105078 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2010-4163 – kernel: panic when submitting certain 0-length I/O requests
https://notcve.org/view.php?id=CVE-2010-4163
03 Jan 2011 — The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device. La función blk_rq_map_user_iov en block/blk-map.c en el kernel de Linux anterior a v2.6.36.2 permite a usuarios locales causar una denegación de servicio (panic) a través de una solicitud de E/S de longitud cero en un dispositivo ioctl a un dispositivo SCSI. Dan Rosenberg discovered that multiple term... • https://packetstorm.news/files/id/105078 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2010-4668 – kernel: panic when submitting certain 0-length I/O requests
https://notcve.org/view.php?id=CVE-2010-4668
03 Jan 2011 — The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4163. La función blk_rq_map_user_iov en block/blk-map.c en el kernel Linux anterior a 2.6.37-rc7 permite a usuarios locales causar una denegación de servicio (panic) a través de una petición I/O de... • https://packetstorm.news/files/id/105078 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 3CVE-2010-4158 – Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure
https://notcve.org/view.php?id=CVE-2010-4158
30 Dec 2010 — The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. La función sk_run_filter en net/core/filter.c en el kernel de Linux anteriores a v2.6.36.2 no comprueba si una posición de memoria determinada se ha inicializado ant... • https://www.exploit-db.com/exploits/34987 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2010-4161 – kernel: rhel5 commit 6865201191 caused deadlock
https://notcve.org/view.php?id=CVE-2010-4161
30 Dec 2010 — The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (deadlock and system hang) by sending UDP traffic to a socket that has a crafted socket filter, a related issue to CVE-2010-4158. La función udp_queue_rcv_skb en net/ipv4/udp.c en determinados Red Hat del kernel de Linux v2.6.18 en Red Hat Enterprise Linux (RHEL) v5 permite a atacantes provocar una denegación de servicio (ab... • http://secunia.com/advisories/42789 • CWE-399: Resource Management Errors •