NotCVE - vendor:"Linux" product:"Linux Kernel" version:" <= 3.2"

Page 644 of 3789 results (0.022 seconds)

CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0

CVE-2009-1895 – kernel: personality: fix PER_CLEAR_ON_SETID

https://notcve.org/view.php?id=CVE-2009-1895

The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR). El subsistema de personalidad en el Linux kernel anterior a v2.6.31-rc3 tiene establecido que PER_CLEAR_ON_SETID no borre las banderas ADDR_COMPAT_LAYOUT y MMAP_PAGE_ZERO cuando ejecuta un programa setuid o setgid, lo que facilita a usuarios locales aprovechar los detalles del uso actual de memoria para (1) llevar a cabo ataques de deferencia a punteros NULOS, (2) evitar el mecanismo de protección mmap_min_addr o (3) rechazar aleatoriamente el espacio en la capa de direcciones (ASLR). • http://blog.cr0.org/2009/06/bypassing-linux-null-pointer.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f9fabcb58a6d26d6efde842d1703ac7cfa9427b6 http://patchwork.kernel.org/patch/32598 http://secunia.com/advisories/35801 http://secunia.com/advisories/36045 http://secunia.com/advisories/36051 http://secunia.com/advisories/36054 http://secunia.com/advisories/36116 http://secunia.com/advisories/36131 http://secunia.com/advisories/36759 http:// • CWE-16: Configuration •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2009-1388 – kernel: do_coredump() vs ptrace_start() deadlock

https://notcve.org/view.php?id=CVE-2009-1388

The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle simultaneous execution of the do_coredump function, which allows local users to cause a denial of service (deadlock) via vectors involving the ptrace system call and a coredumping thread. La función ptrace_start de kernel/ptrace.c en el kernel de Linux v2.6.18, no maneja adecuadamente la ejecución simultánea de la función do_coredump, esto permite a usuarios locales provocar una denegación de servicio -bloqueo mutuo (deadlock)- a través de vectores que incluyen la llamada al sistema ptrace y un hilo coredumping. • http://marc.info/?l=oss-security&m=124654277229434&w=2 http://osvdb.org/55679 http://secunia.com/advisories/36131 http://secunia.com/advisories/37471 http://www.redhat.com/support/errata/RHSA-2009-1193.html http://www.securityfocus.com/archive/1/507985/100/0/threaded http://www.securityfocus.com/bid/35559 http://www.vmware.com/security/advisories/VMSA-2009-0016.html http://www.vupen.com/english/advisories/2009/3316 https://bugzilla.redhat.com/attachment.cgi?id=346615 • CWE-667: Improper Locking •

CVSS: 4.9EPSS: 0%CPEs: 7EXPL: 0

CVE-2009-2287

https://notcve.org/view.php?id=CVE-2009-2287

The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function. La funciónkvm_arch_vcpu_ioctl_set_sregs en el KVM en el Kernel Linux v2.6 anterior a v2.6.30, ejecutado sobre plataformas x86, no valida la "page table root" (raíz de tabla de páginas) en una llamada KVM_SET_SREGS, lo que permite a usuarios locales provocar una denegación de servicio (cuelgue o caída) a través de un valor cr3 manipulado, lo que lanza un deferencia a puntero NULL en la función gfn_to_rmap. • http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git%3Ba=blob%3Bf=queue-2.6.30/kvm-x86-check-for-cr3-validity-in-ioctl_set_sregs.patch%3Bh=b48a47dad2cf76358b327368f80c0805e6370c68%3Bhb=e7c45b24f298b5d9efd7d401150f64a1b51aaac4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=59839dfff5eabca01cc4e20b45797a60a80af8cb http://secunia.com/advisories/35675 http://secunia.com/advisories/36045 http://secunia.com/advisories/36054 http://sourceforge.net/tracker/?func=detail&atid& • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 10%CPEs: 412EXPL: 1

CVE-2009-1389 – kernel: r8169: fix crash when large packets are received

https://notcve.org/view.php?id=CVE-2009-1389

Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet. Desbordamiento de memoria en el driver RTL8169 NIC (drivers/net/r8169.c) en el kernel de Linux anteriores a v2.6.30 permite a atacantes remotos producir una denegación de servicio (consumo de memoria del kernel y caída) a través de un paquete largo. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=fdd7b4c3302c93f6833e338903ea77245eb510b4 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://lkml.org/lkml/2009/6/8/194 http://marc.info/?l=linux-netdev&m=123462461713724&w=2 http://secunia.com/advisories/35265 http://secunia.com/advisories/35566 http://secunia.com/advisories/35847 http://secunia& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.7EPSS: 0%CPEs: 15EXPL: 5

CVE-2009-1961 – Linux Kernel 2.6.x - 'splice' Double Lock Local Denial of Service

https://notcve.org/view.php?id=CVE-2009-1961

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions. El código de doble bloqueo del inodo de fs/ocfs2/file.c del kernel de Linux v2.6.30 anterior a v2.6.30-rc3, v2.6.27 anterior a v2.6.27.24, v2.6.29 anterior a v2.6.29.4 y puede que otras versiones anteriores a v2.6.19; permite a usuarios locales provocar una denegación de servicio (prevención de creación y borrado de ficheros) a través de una serie de llamadas al sistema anidadas que provocan un bloqueo mutuo -deadlock- entre las funciones generic_file_splice_write, splice_from_pipe y ocfs2_file_splice_write. • https://www.exploit-db.com/exploits/33015 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=7bfac9ecf0585962fe13584f5cf526d8c8e76f17 http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html http://secunia.com/advisories/35390 http://secunia.com/advisories/35394 http://secunia.com/advisories/35656 http&# • CWE-667: Improper Locking •

1...642 643 644 645 646