Page 634 of 3884 results (0.034 seconds)

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2010-2938 – kernel: guest crashes on non-EPT machines may crash the host as well

https://notcve.org/view.php?id=CVE-2010-2938

arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure (VMCS) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when an Intel platform without Extended Page Tables (EPT) functionality is used, accesses VMCS fields without verifying hardware support for these fields, which allows local users to cause a denial of service (host OS crash) by requesting a VMCS dump for a fully virtualized Xen guest. El fichero arch/x86/hvm/vmx/vmcs.c en la implementación de la estructura de control de máquina virtual (VMCS) en el kernel de Linux v2.6.18 de Linux en Red Hat Enterprise Linux (RHEL) 5, cuando se usa una plataforma de Intel sin la funcionalidad de Tabla de páginas extendida(EPT), tiene acceso a los campos VMCS sin verificar el soporte de hardware para estos campos, lo que permite a usuarios locales causar una denegación de servicio (caida del sistema operativo) pidiendo un dump de VMCS para un huésped Xen totalmente virtualizado. • http://secunia.com/advisories/46397 http://support.avaya.com/css/P8/documents/100113326 http://www.redhat.com/support/errata/RHSA-2010-0723.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/43578 http://www.vmware.com/security/advisories/VMSA-2011-0012.html http://xenbits.xensource.com/xen-unstable.hg?rev/15911 https://bugzilla.redhat.com/show_bug.cgi?id=620490 https://access.redhat.com/security/cve/CVE-2010-2938 • CWE-399: Resource Management Errors •

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1

CVE-2010-2653

https://notcve.org/view.php?id=CVE-2010-2653

Race condition in the hvc_close function in drivers/char/hvc_console.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service or possibly have unspecified other impact by closing a Hypervisor Virtual Console device, related to the hvc_open and hvc_remove functions. Condición de carrera en la función hvc_close en drivers/char/hvc_console.c en el kernel de Linux anterior a v2.6.34, permite a usuarios locales provocar una denegación de servicio o posiblemente tener otro impacto no especificado mediante el cierre del dispositivo Hypervisor Virtual Console, relacionado con las funciones hvc_open y hvc_remove. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320718ee074acce5ffced6506cb51af1388942aa http://lkml.org/lkml/2010/3/3/207 http://patchwork.kernel.org/patch/83353 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 http://www.openwall.com/lists/oss-security/2010/03/04/3 http://www.openwall.com/lists/oss-security/2010/04/17/2 http://www.openwall.com/lists/oss-security/2010/04/18/1 http://www.openwall.com/lists&#x • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 6.9EPSS: 0%CPEs: 21EXPL: 0

CVE-2010-3442 – kernel: prevent heap corruption in snd_ctl_new()

https://notcve.org/view.php?id=CVE-2010-3442

Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. Múltiples desbordamientos de entero en la función snd_ctl_new de sound/core/control.c en el kernel de Linux en versiones anteriores a la 2.6.36-rc5-next-20100929. Permiten a usuarios locales provocar una denegación de servicio (corrupción de la memoria dinámica) o posiblemente provocar otros impactos sin especificar a través de una llamada ioctl (1) SNDRV_CTL_IOCTL_ELEM_ADD o (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=5591bf07225523600450edd9e6ad258bb877b779 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://list • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2010-2537

https://notcve.org/view.php?id=CVE-2010-2537

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor. La función btrfs_ioctl_clone en fs/btrfs/ioctl.c en el kernel Linux, en versiones anteriores a la 2.6.35, permite a usuarios locales sobreescribir un fichero de solo-añadir (append-only) mediante una llamada ioctl (1) BTRFS_IOC_CLONE o (2) BTRFS_IOC_CLONE_RANGE que especifique este fichero como un donante. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2ebc3464781ad24474abcbd2274e6254689853b5 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html http://secunia.com/advisories/42758 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35 http://www.openwall.com/lists/oss-security/2010/07/21/10 http://www.openwall.com/lists/oss-security/2010/07/21/4 http://www.securityfocus.com/bid/41847 http://www.ubuntu.com/usn •

CVSS: 2.1EPSS: 0%CPEs: 17EXPL: 0

CVE-2010-3297 – kernel: drivers/net/eql.c: reading uninitialized stack memory

https://notcve.org/view.php?id=CVE-2010-3297

The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call. La función eql_g_master_cfg en drivers/net/eql.c en el kernel Linux anterior a la versión 2.6.36-rc5, no inicia adecuadamente un miembro de cierta estructura, lo que permite a usuarios locales obtener información potencialmente sensible de la pila de memoria del kernel mediante una llamada ioctl EQL_GETMASTRCFG. • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=44467187dc22fdd33a1a06ea0ba86ce20be3fe3c http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lkml.org/lkml/2010/9/11/168 http://secunia.com/advisories/41440 http://secunia.com/advisories/42758 http://secunia.com/advisories/43161 http:/ • CWE-909: Missing Initialization of Resource •