CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 1CVE-2011-2183 – Linux Kernel 2.6.x - KSM Local Denial of Service
https://notcve.org/view.php?id=CVE-2011-2183
13 Jun 2012 — Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is enabled, allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted application. Condición de carrera en la función scan_get_next_rmap_item de mm/ksm.c del kernel de Linux en versiones anteriores a la 2.6.39.3, si "Kernel SamePage Merging" (KSM) está habilitado, permite a usuarios locales provocar... • https://www.exploit-db.com/exploits/35820 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2011-2208
https://notcve.org/view.php?id=CVE-2011-2208
13 Jun 2012 — Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call. Error de signo de entero en la función osf_getdomainname de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha permite a usuarios locales obtener información sensible de la memoria del kernel a través de una llamada ... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2011-2209
https://notcve.org/view.php?id=CVE-2011-2209
13 Jun 2012 — Integer signedness error in the osf_sysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call. Error de signo de entero en la función osf_sysinfo de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha permite a usuarios locales obtener información sensible de la memoria del kernel a través de una llamada modificada. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2011-2210
https://notcve.org/view.php?id=CVE-2011-2210
13 Jun 2012 — The osf_getsysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform does not properly restrict the data size for GSI_GET_HWRPB operations, which allows local users to obtain sensitive information from kernel memory via a crafted call. La función osf_getsysinfo de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha no restringe apropiadamente el tamaño de datos de las operaciones GSI_GET_HWRPB, lo que pe... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2011-2211
https://notcve.org/view.php?id=CVE-2011-2211
13 Jun 2012 — The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform uses an incorrect pointer, which allows local users to gain privileges by writing a certain integer value to kernel memory. La función osf_wait4 de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha utiliza un puntero incorrecto, lo que permite a usuarios locales escalar privilegios escribiendo un valor entero determinado en la memoria del ... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 1CVE-2012-2313 – kernel: unfiltered netdev rio_ioctl access by users
https://notcve.org/view.php?id=CVE-2012-2313
13 Jun 2012 — The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. La función rio_ioctl de drivers/net/ethernet/dlink/dl2k.c del kernel de Linux en versiones anteriores a la 3.3.7 no restringe el acceso al comando SIOCSMIIREG, lo que permite a usuarios locales escribir datos a un adaptador Ethernet a través de una llamada ioctl. Potential vulnerabili... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2012-2375 – kernel: incomplete fix for CVE-2011-4131
https://notcve.org/view.php?id=CVE-2012-2375
13 Jun 2012 — The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131. La función __nfs4_get_acl_uncached de fs/nfs/nfs4proc.c de la implementación NFSv4 del kernel de Linux en versiones... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=20e0fa98b751facf9a1101edaefbc19c82616a68 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 1CVE-2012-2383 – kernel: drm/i915: integer overflow in i915_gem_execbuffer2()
https://notcve.org/view.php?id=CVE-2012-2383
13 Jun 2012 — Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. Desbordamiento de entero en la función i915_gem_execbuffer2 de drivers/gpu/drm/i915/i915_gem_execbuffer.c del subsistema Direct Rendering Manager (DRM) del kernel de Linux e... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ed8cd3b2cd61004cab85380c52b1817aca1ca49b • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2012-2384 – kernel: drm/i915: integer overflow in i915_gem_do_execbuffer()
https://notcve.org/view.php?id=CVE-2012-2384
13 Jun 2012 — Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. Desbordamiento de entero en la función i915_gem_do_execbuffer de drivers/gpu/drm/i915/i915_gem_execbuffer.c del subsistema Direct Rendering Manager (DRM) del kernel de Lin... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=44afb3a04391a74309d16180d1e4f8386fdfa745 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2012-2390 – kernel: huge pages: memory leak on mmap failure
https://notcve.org/view.php?id=CVE-2012-2390
13 Jun 2012 — Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations. Memoria no liberada (memory leak) en mm/hugetlb.c del kernel de Linux en versiones anteriores a la 3.4.2. Permite a usuarios locales provocar una denegación de servicio (consumo de la memoria o caída del sistema) a traves de operaciones mmap MAP_HUGETLB inválidas. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c50ac050811d6485616a193eb0f37bfbd191cc89 • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •