CVSS: 9.8EPSS: 2%CPEs: 17EXPL: 1CVE-2011-1493
https://notcve.org/view.php?id=CVE-2011-1493
21 Jun 2012 — Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that specifies a large number of digipeaters, and then sending this data to a ROSE socket. Un error de indice de array en la función rose_parse_national en net/rose/rose_subr.c en versiones del kernel de Linux anteriores a v2.6.39 permite a at... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 •
CVSS: 7.5EPSS: 4%CPEs: 10EXPL: 4CVE-2012-2127
https://notcve.org/view.php?id=CVE-2012-2127
21 Jun 2012 — fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd. fs/proc/root.c en las implementaciones de procfs del kernel de Linux anteriores a v3.2 no interactua adecuadamente con las llamadas al sistema de CLONE_NEWPID, lo... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=905ad269c55fc62bee3da29f7b1d1efeba8aa1e1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 1CVE-2012-2313 – kernel: unfiltered netdev rio_ioctl access by users
https://notcve.org/view.php?id=CVE-2012-2313
13 Jun 2012 — The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. La función rio_ioctl de drivers/net/ethernet/dlink/dl2k.c del kernel de Linux en versiones anteriores a la 3.3.7 no restringe el acceso al comando SIOCSMIIREG, lo que permite a usuarios locales escribir datos a un adaptador Ethernet a través de una llamada ioctl. Potential vulnerabili... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2011-2208
https://notcve.org/view.php?id=CVE-2011-2208
13 Jun 2012 — Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call. Error de signo de entero en la función osf_getdomainname de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha permite a usuarios locales obtener información sensible de la memoria del kernel a través de una llamada ... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2011-2209
https://notcve.org/view.php?id=CVE-2011-2209
13 Jun 2012 — Integer signedness error in the osf_sysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call. Error de signo de entero en la función osf_sysinfo de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha permite a usuarios locales obtener información sensible de la memoria del kernel a través de una llamada modificada. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2012-2375 – kernel: incomplete fix for CVE-2011-4131
https://notcve.org/view.php?id=CVE-2012-2375
13 Jun 2012 — The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131. La función __nfs4_get_acl_uncached de fs/nfs/nfs4proc.c de la implementación NFSv4 del kernel de Linux en versiones... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=20e0fa98b751facf9a1101edaefbc19c82616a68 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 1CVE-2011-2496 – kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions
https://notcve.org/view.php?id=CVE-2011-2496
13 Jun 2012 — Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping. Desbordamiento de entero en la función vma_to_resize de mm/mremap.c del kernel de Linux en versiones anteriores a la 2.6.39. Permite a usuarios locales provocar una denegación de servicio (BUG_ON y caída del sistema) a través de una llamada del sistema mremap modificada que exp... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2011-2210
https://notcve.org/view.php?id=CVE-2011-2210
13 Jun 2012 — The osf_getsysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform does not properly restrict the data size for GSI_GET_HWRPB operations, which allows local users to obtain sensitive information from kernel memory via a crafted call. La función osf_getsysinfo de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha no restringe apropiadamente el tamaño de datos de las operaciones GSI_GET_HWRPB, lo que pe... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.0EPSS: 0%CPEs: 17EXPL: 1CVE-2011-1759
https://notcve.org/view.php?id=CVE-2011-1759
13 Jun 2012 — Integer overflow in the sys_oabi_semtimedop function in arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 2.6.39 on the ARM platform, when CONFIG_OABI_COMPAT is enabled, allows local users to gain privileges or cause a denial of service (heap memory corruption) by providing a crafted argument and leveraging a race condition. Desbordamiento de entero en la función sys_oabi_semtimedop en arch/arm/kernel/sys_oabi-compat.c en el Kernel de Linux anterior a v2.6.39 en la plataforma ARM, cuando CONFIG_O... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2012-2384 – kernel: drm/i915: integer overflow in i915_gem_do_execbuffer()
https://notcve.org/view.php?id=CVE-2012-2384
13 Jun 2012 — Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. Desbordamiento de entero en la función i915_gem_do_execbuffer de drivers/gpu/drm/i915/i915_gem_execbuffer.c del subsistema Direct Rendering Manager (DRM) del kernel de Lin... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=44afb3a04391a74309d16180d1e4f8386fdfa745 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •