CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2011-2203 – kernel: hfs_find_init() sb->ext_tree NULL pointer dereference
https://notcve.org/view.php?id=CVE-2011-2203
27 Jan 2012 — The hfs_find_init function in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and Oops) by mounting an HFS file system with a malformed MDB extent record. La función hfs_find_init en el kernel de Linux 2.6 permite a usuarios locales causar una denegación de servicio (referencia a puntero nulo y OOPS) mediante el montaje de un sistema de ficheros HFS con un registro de medidas MDB malformado. • http://secunia.com/advisories/47754 • CWE-264: Permissions, Privileges, and Access Controls CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2011-4132 – kernel: jbd/jbd2: invalid value of first log block leads to oops
https://notcve.org/view.php?id=CVE-2011-4132
27 Jan 2012 — The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an "invalid log first block value." La función cleanup_journal_tail en la funcionalidad JBD (Journaling Block Device) del kernel de Linux v2.6 permite a usuarios locales provocar una denegación de servicio (error de aserción y fallo del kernel) a través de una imagen ext3 o ext4 con un "va... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8762202dd0d6e46854f786bdb6fb3780a1625efe • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 4CVE-2012-0056 – Linux Kernel 2.6.39 < 3.2.2 (x86/x64) - 'Mempodipper' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2012-0056
27 Jan 2012 — The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-4110 – kernel: keys: NULL pointer deref in the user-defined key type
https://notcve.org/view.php?id=CVE-2011-4110
27 Jan 2012 — The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key." La función user_update security/keys/user_defined.c en el kernel de Linux v2.6 permite a usuarios locales provocar una denegación de servicio (desreferencia de puntero a NULL y fallo del kernel) a través de vectores relacionados con una ... • http://marc.info/?l=bugtraq&m=139447903326211&w=2 • CWE-264: Permissions, Privileges, and Access Controls CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2011-4330 – kernel: hfs: add sanity check for file name length
https://notcve.org/view.php?id=CVE-2011-4330
27 Jan 2012 — Stack-based buffer overflow in the hfs_mac2asc function in fs/hfs/trans.c in the Linux kernel 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via an HFS image with a crafted len field. Un desbordamiento de búfer basado en pila en la función hfs_mac2asc en fs/hfs/trans.c en el kernel de Linux v2.6 permite a usuarios locales provocar una denegación de servicio (mediante caída del sistema) y posiblemente ejecutar código de su elección a través de una imagen HFS c... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=bc5b8a9003132ae44559edd63a1623 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1478 – kernel: gro: reset dev and skb_iff on skb reuse
https://notcve.org/view.php?id=CVE-2011-1478
23 Oct 2011 — The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame. La función napi_reuse_skb de net/core/dev.c en la implementación Generic Receive Offload (GRO) en el kernel de Linux anteriores a v2.6.38 no restablece los valores de algunos miembros de la estructura, lo ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=66c46d741e2e60f0e8b625b80edb0ab820c46d7a • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 2%CPEs: 10EXPL: 5CVE-2011-2189 – Linux Kernel 2.6.35 - Network Namespace Remote Denial of Service
https://notcve.org/view.php?id=CVE-2011-2189
10 Oct 2011 — net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd. net / core / net_namespace.c en el kernel de Linux v2.6.32 y anteriores no maneja adecuadamente una alta tasa de creación y limpieza de los espacios de nombres de red, ... • https://www.exploit-db.com/exploits/36425 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1076
https://notcve.org/view.php?id=CVE-2011-1076
05 Oct 2011 — net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allows remote DNS servers to cause a denial of service (NULL pointer dereference and OOPS) by not providing a valid response to a DNS query, as demonstrated by an erroneous grand.centrall.org query, which triggers improper handling of error data within a DNS resolver key. net/dns_resolver/dns_key.c del kernel de Linux en versiones anteriores a la 2.6.38 permite a servidores DNS remotos provocar una denegación de servicio (resolución de puntero NUL... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1362fa078dae16776cd439791c6605b224ea6171 • CWE-476: NULL Pointer Dereference •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2011-1776 – kernel: validate size of EFI GUID partition entries
https://notcve.org/view.php?id=CVE-2011-1776
06 Sep 2011 — The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. La función is_gpt_valid en fs/partitions/efi.c en el kernel de Linux v2.... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa039d5f6b126fbd65eefa05db2f67e44df8f121 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2184
https://notcve.org/view.php?id=CVE-2011-2184
06 Sep 2011 — The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960. La función key_replace_session_keyring en security/keys/process_keys.c en el kernel de Linux anterior a v2.6.39.1... • http://alt.swiecki.net/linux_kernel/sys_open-kmem_cache_alloc-2.6.39-rc4.txt • CWE-476: NULL Pointer Dereference •