CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2008-0731
https://notcve.org/view.php?id=CVE-2008-0731
12 Feb 2008 — The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task. El núcleo de Linux versiones anteriores a 2.6.18.8-0.8 de SUSE openSUSE 10.2 no maneja apropiadamente los fallos del sistema llamado AppArmor change_hat, lo cual permite a atacantes disparar el no limitamiento de una tarea apparmored. • http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2CVE-2008-0007 – kernel: insufficient range checks in fault handlers with mremap
https://notcve.org/view.php?id=CVE-2008-0007
08 Feb 2008 — Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset. Núcleo de Linux versiones anteriores a 2.6.22.17, cuando se usan ciertos controladores que registran un error en el manejador, que no realiza comprobaciones de rango, permite a usuarios locales acceder a la memoria del núcleo a través de un desplazamiento fuera de rango. • http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 317EXPL: 0CVE-2007-6694 – /proc/cpuinfo DoS on some ppc machines
https://notcve.org/view.php?id=CVE-2007-6694
29 Jan 2008 — The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference. La función chrp_show_cpuinfo (chrp/setup.c) en Linux kernel 2.4.21 hasta 2.6.18-53, cuando funciona sobre PowerPC, podría permitir a usuarios locales provocar denegación de servicio (caida) a través de vectores desconocidos qu... • http://marc.info/?l=linux-kernel&m=119576191029571&w=2 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 2%CPEs: 30EXPL: 1CVE-2008-0352 – Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-0352
17 Jan 2008 — The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram). El núcleo de Linux 2.6.20 hasta 2.6.21.1 permite a atacantes remotos provocar una denegación de servicio (error irrecuperable del sistema) mediante cierto paquete IPv6, posiblemente implicando la opción Jumbo Payload salto a salto (jumbogram). • https://www.exploit-db.com/exploits/4893 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 234EXPL: 0CVE-2008-0001 – kernel: filesystem corruption by unprivileged user via directory truncation
https://notcve.org/view.php?id=CVE-2008-0001
15 Jan 2008 — VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories. VFS en el kernel de Linux versiones anteriores a 2.6.22.16 y versiones 2.6.23.x anteriores a 2.6.23.14, realiza pruebas de modo de acceso mediante el uso de la variable flag en lugar de la variable acc_mode, lo que podría permitir a usuarios locales omitir los pe... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=974a9f0b47da74e28f68b9c8645c3786aa5ace1a •
CVSS: 7.8EPSS: 14%CPEs: 30EXPL: 1CVE-2007-4567 – Linux Kernel 2.6.22 - IPv6 Hop-By-Hop Header Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-4567
21 Dec 2007 — The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet. La función ipv6_hop_jumbo en el archivo net/ipv6/exthdrs.c en el kernel de Linux versiones anteriores a 2.6.22, no comprueba apropiadamente el encabezado extendido de IPv6 salto a salto, lo que permite a los atacantes remotos causar u... • https://www.exploit-db.com/exploits/30902 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2007-5966 – kernel: non-root can trigger cpu_idle soft lockup
https://notcve.org/view.php?id=CVE-2007-5966
20 Dec 2007 — Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information. Desbordamiento de enteros en la función hrtimer_start en kernel/hrtimer.c en el kernel de Linux anterior a 2.6.23.10 permite a usuarios locales ejecutar código de su elección o provocar denegación de servicio (panic) a ... • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.10 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-6434
https://notcve.org/view.php?id=CVE-2007-6434
18 Dec 2007 — Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk function. Linux kernel 2.6.23 permite a usuarios locales crear páginas bajas en el espacio de la memoria virtual y evitar la protección mmap_min_addr a través de un archivo ejecutable manipulado que llama a una función do_brk. • http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc5 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2007-6417 – tmpfs: restore missing clear_highpage (kernels from 2.6.11 up)
https://notcve.org/view.php?id=CVE-2007-6417
18 Dec 2007 — The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash). La función shmem_getpage (mm/shmem.c) en el kernel de Linux versión 2.6.11 hasta 2.6.23 no borra de manera apropiada la memoria asignada en algunas circunstancias extrañas relacionadas con tmpfs, lo que podría permitir a los usuarios locales leer dat... • http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6151 – I4L: fix isdn_ioctl memory issue
https://notcve.org/view.php?id=CVE-2007-6151
15 Dec 2007 — The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow. La función isdn_ioctl en isdn_common.c en Linux kernel 2.6.23 permite a usuarios locales provocar denegación de servicio a través de una estructura ioctl manipulada en cuyo iocts no tiene un final null, lo cual dispara un desbordamiento de búfer. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=eafe1aa37e6ec2d56f14732b5240c4dd09f0613a • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •