Page 640 of 3789 results (0.037 seconds)

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 2

CVE-2009-3234 – Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow

https://notcve.org/view.php?id=CVE-2009-3234

Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call. Un desbordamiento de búfer en la función perf_copy_attr en el archivo kernel/perf_counter.c en el kernel de Linux versión 2.6.31-rc1, permite a los usuarios locales causar una denegación de servicio (bloqueo) y ejecutar código arbitrario por medio de un "big size data" en la llamada del sistema perf_counter_open. • https://www.exploit-db.com/exploits/33228 http://article.gmane.org/gmane.linux.kernel/890654 http://www.openwall.com/lists/oss-security/2009/09/16/1 http://www.openwall.com/lists/oss-security/2009/09/17/13 http://www.securityfocus.com/bid/36423 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.1EPSS: 2%CPEs: 15EXPL: 0

CVE-2009-2903

https://notcve.org/view.php?id=CVE-2009-2903

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. Fuga de memoria en el subsistema appletalk en el Kernel de Linux v2.4.x hasta v2.4.37.6 y v2.6.x hasta v2.6.31, cuando los módulos appletalk y ipddp están cargados pero el dispositivo ipddp"N" no se encuentra, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de datagramas IP-DDP. • http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html http://secunia.com/advisories/36707 http://secunia.com/advisories/37105 http://sec • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 4.9EPSS: 0%CPEs: 316EXPL: 4

CVE-2009-3043 – Linux Kernel 2.6.x - 'drivers/char/tty_ldisc.c' Null Pointer Dereference Denial of Service

https://notcve.org/view.php?id=CVE-2009-3043

The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonstrated by KernelTtyTest.c. La función tty_ldisc_hangup en el archivo drivers/char/tty_ldisc.c en el kernel de Linux versiones 2.6.31-rc anteriores a 2.6.31-rc8, permite a los usuarios locales causar una denegación de servicio (bloqueo de sistema, a veces precedido por una desreferencia de puntero NULL) o posiblemente alcanzar privilegios por medio de cierta actividad de I/O pseudoterminal, como es demostrado por el archivo KernelTtyTest.c. • https://www.exploit-db.com/exploits/33193 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5c58ceff103d8a654f24769bb1baaf84a841b0cc http://lkml.org/lkml/2009/8/20/21 http://lkml.org/lkml/2009/8/20/27 http://lkml.org/lkml/2009/8/20/68 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc8 http://www.openwall.com/lists/oss-security/2009/08/31/1 http://www.openwall.com/lists/oss-security/2009/09/ • CWE-399: Resource Management Errors •

CVSS: 4.9EPSS: 0%CPEs: 12EXPL: 4

CVE-2009-3001 – Linux Kernel 2.6.31-rc7 - 'AF_LLC getsockname' 5-Byte Stack Disclosure

https://notcve.org/view.php?id=CVE-2009-3001

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket. La función llc_ui_getname en net/llc/af_llc.c del kernel de Linux v2.6.31-rc7 y anteriores no inicializa cierta estructura de datos, lo que permite leer a los usuarios locales el contenido de algunas celdas de memoria del núcleo llamando a la función getsockname a través de un socket AF_LLC. • https://www.exploit-db.com/exploits/9513 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=28e9fc592cb8c7a43e4d3147b38be6032a0e81bc http://jon.oberheide.org/files/llc-getsockname-leak.c http://secunia.com/advisories/37105 http://www.exploit-db.com/exploits/9513 http://www.openwall.com/lists/oss-security/2009/08/26/1 http://www.securityfocus.com/bid/36126 http://www.ubuntu.com/usn/USN-852-1 https://bugzilla.redhat.com/show_bug.cgi?id=519 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 12EXPL: 5

CVE-2009-3002 – Linux Kernel 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure

https://notcve.org/view.php?id=CVE-2009-3002

The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c. El kernel de Linux antes de v2.6.31-rc7 no inicializa ciertas estructuras de datos dentro de las funciones getname, lo que permite a usuarios locales leer el contenido de algunas celdas de memoria del núcleo llamando a getsockname en (1) un socket AF_APPLETALK, relacionado con la función atalk_getname en net/appletalk/ddp.c; (2) un socket AF_IRDA, relacionado con la función irda_getname en net/irda/af_irda.c; (3) un socket AF_ECONET, relacionado con la función econet_getname en net/econet/af_econet.c; (4) un socket AF_NETROM, relacionado con la función nr_getname en net/netrom/af_netrom.c; (5) un socket AF_ROSE, relacionado con la función rose_getname en net/rose/af_rose.c, o (6) un raw socket CAN , relacionado con la función raw_getname en net/can/raw.c. • https://www.exploit-db.com/exploits/9521 https://www.exploit-db.com/exploits/9543 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=09384dfc76e526c3993c09c42e016372dc9dd22c http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=17ac2e9c58b69a1e25460a568eae1b0dc0188c25 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3d392475c873c10c10d6d96b94d092a34ebd4791 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •