Page 64 of 348 results (0.026 seconds)

CVSS: 7.1EPSS: 0%CPEs: 29EXPL: 1

The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file. El fichero poll_mode_io para el controlador megaraid_sas en el kernel de Linux v2.6.31.6 y anteriores tiene permisos de escritura para todos, permitiendo a usuarios locales cambiar el modo de E/S del dispositivo modificando este fichero. • http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-03 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.2EPSS: 0%CPEs: 32EXPL: 7

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. Múltiples condiciones de carrera en fs/pipe.c en el kernel de Linux anteriores a v2.6.32-rc6 permite a usuarios locales producir una denegación de servicio )desreferencia a puntero NULL y caída del sistema) o conseguir privilegios mediante la apertura de un canal anónimo en la ruta /proc/*/fd/. • https://www.exploit-db.com/exploits/9844 https://www.exploit-db.com/exploits/33321 https://www.exploit-db.com/exploits/10018 https://www.exploit-db.com/exploits/33322 https://www.exploit-db.com/exploits/40812 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html http:/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference CWE-672: Operation on a Resource after Expiration or Release •

CVSS: 2.1EPSS: 0%CPEs: 18EXPL: 0

arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode. arch/x86/ia32/ia32entry.S en el kernel de Linux anteriores a v2.6.31.4 en plataformas x86_64 no limpia adecuadamente ciertos registros del kernel antes de regresar al modo usuario, lo que permite a usuarios locales leer valores del registro desde un proceso anterior mediante el cambio de un proceso ia32 al modo 64-bit • http://git.kernel.org/?p=linux/kernel/git/x86/linux-2.6-tip.git%3Ba=commit%3Bh=24e35800cdc4350fc34e2bed37b608a9e13ab3b6 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://lkml.org/lkml/2009/10/1/164 http://marc.info/?l=oss-security&m=125442304214452&w=2 http://marc.info/?l=oss-security&m=125444390112831&w&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 2.1EPSS: 0%CPEs: 20EXPL: 0

The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. La función tc_fill_tclass en net/sched/sch_api.c del subsistema tc en el kernel de Linux v2.4.x anteriores a la v2.4.37.6 y v2.6.x anteriores a la v2.6.31-rc9 no inicializa un determinado miembro de la estructura (1) tcm__pad1 y (2) tcm__pad2, lo que permite a atacantes locales obtener información confidencial de la memoria del kernel a través de vectores de ataque sin especificar. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git%3Ba=commit%3Bh=096ed17f20affc2db0e307658c69b67433992a7a http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=16ebb5e0b36ceadc8186f71d68b0c4fa4b6e781b http://lists.vmware.com/pipermail/security-announce/2010/000082.html http://patchwork.ozlabs.org/patch/32830 http://secunia.com/advisories/37084 http://secunia.com/advisories/38794 http://secunia.com/advisories/38834 http://www.kernel.org/pub/linux/k • CWE-401: Missing Release of Memory after Effective Lifetime CWE-909: Missing Initialization of Resource •

CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0

A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership. Ciertas modificaciones Ret Hat en ChrootDirectory feature en OpenSSH v4.8, como el usado en sshd en OpenSSH v4.3 en Red Hat Enterprise Linux (RHEL) v5.4 y Fedora v11, permite a usuarios locales obtener privilegios a través de enlaces fuertes en programas setuid que usa una configuración de ficheros con el chroot directory, relacionado con requerimientos para el propietario. • http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038214.html http://lists.vmware.com/pipermail/security-announce/2010/000082.html http://osvdb.org/58495 http://secunia.com/advisories/38794 http://secunia.com/advisories/38834 http://secunia.com/advisories/39182 http://www.securityfocus.com/bid/36552 http://www.vupen.com/english/advisories/2010/0528 https://bugzilla.redhat.com/show_bug.cgi?id=522141 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg&# • CWE-16: Configuration •