CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3191 – kernel: cifs: signedness issue in CIFSFindNext()
https://notcve.org/view.php?id=CVE-2011-3191
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. Error de signo de entero en la función CIFSFindNext en fs/cifs/cifssmb.c en el kernel de Linux antes de v3.1 permite a los servidores CIFS remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de un valor de gran longitud en una respuesta a una petición de lectura de un directorio. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9438fabb73eb48055b58b89fc51e0bc4db22fabd http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.openwall.com/lists/oss-security/2011/08/24/2 https://bugzilla.redhat.com/show_bug.cgi?id=732869 https://github.com/torvalds/linux/commit/9438fabb73eb48055b58b89fc51e0bc4db22fabd https://access.redhat.com/security/cve/CVE-2011-3191 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 51EXPL: 0CVE-2011-2909
https://notcve.org/view.php?id=CVE-2011-2909
The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c in the Linux kernel before 3.1 allows local users to obtain sensitive information from kernel memory via a copy of a short string. La función do_devinfo_ioctl en drivers/staging/comedi/comedi_fops.c en el kernel de Linux anterior a 3.1 permite a usuarios locales obtener información sensible de la memoria del kernel a través de una copia de una cadena corta. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=819cbb120eaec7e014e5abd029260db1ca8c5735 http://www.openwall.com/lists/oss-security/2011/08/12/1 https://github.com/torvalds/linux/commit/819cbb120eaec7e014e5abd029260db1ca8c5735 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.1.bz2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2011-2482 – kernel: sctp dos
https://notcve.org/view.php?id=CVE-2011-2482
A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet. Cierto parche Red Hat para la función sctp_sock_migrate en net/sctp/socket.c en el Linux Kernel anterior a v2.6.21, como se utilizaba en Red Hat Enterprise Linux (RHEL) 5, permite a atacantes remotos causar una denegación de servicio (Null pointer dereference y OOPS) mediante un paquete SCTP. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d http://rhn.redhat.com/errata/RHSA-2011-1212.html http://www.openwall.com/lists/oss-security/2011/08/30/1 https://bugzilla.redhat.com/show_bug.cgi?id=714867 https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d https://access.redhat.com/security/cve/CVE-2011-2482 • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2184
https://notcve.org/view.php?id=CVE-2011-2184
The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960. La función key_replace_session_keyring en security/keys/process_keys.c en el kernel de Linux anterior a v2.6.39.1 no inicializa un determinado miembro de una 'struct', lo que permite a usuarios locales causar una denegación de servicio (puntero a NULL y OOPS) o posiblemente tener un impacto no especificado a través del argumento KEYCTL_SESSION_TO_PARENT a la función keyctl. Se trata de una vulnerabilidad diferente a CVE-2010-2960. • http://alt.swiecki.net/linux_kernel/sys_open-kmem_cache_alloc-2.6.39-rc4.txt http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f7285b5d631fd6096b11c6af0058ed3a2b30ef4e http://securityreason.com/securityalert/8371 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.1 http://www.openwall.com/lists/oss-security/2011/06/03/2 http://www.openwall.com/lists/oss-security/2011/06/06/2 https://lkml.org/lkml/2011/5/23/199 https:&#x • CWE-476: NULL Pointer Dereference •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2723 – kernel: gro: only reset frag0 when skb can be pulled
https://notcve.org/view.php?id=CVE-2011-2723
The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic. La función skb_gro_header_slow en includelinuxnetdevice.h en kernel de Linux anteriores a v2.6.39.4, cuando está activada la opción Generic Receive Offload (GRO), reinicia ciertos campos en situaciones incorrectas, lo que permite producir una denegación de servicio (caída del sistema) mediante una tráfico de red manipulado. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=17dd759c67f21e34f2156abcf415e1f60605a188 http://marc.info/?l=bugtraq&m=139447903326211&w=2 http://openwall.com/lists/oss-security/2011/07/28/13 http://openwall.com/lists/oss-security/2011/07/29/1 http://securitytracker.com/id?1025876 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 http://www.redhat.com/support/errata/RHSA-2011-1321.html http://www.securityfocus.com/bid&# • CWE-20: Improper Input Validation •