NotCVE - vendor:"Linux" product:"Linux Kernel" version:" <= 3.2"

Page 645 of 3789 results (0.019 seconds)

CVSS: 4.9EPSS: 0%CPEs: 291EXPL: 1

CVE-2009-1914 – Linux Kernel 2.6.x (Sparc64) - '/proc/iomem' Local Denial of Service

https://notcve.org/view.php?id=CVE-2009-1914

The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function. La función pci_register_iommu_region de arch/sparc/kernel/pci_common.c del kernel de Linux anterior a v2.6.29 en la plataforma sparc64, permite a usuarios locales provocar una denegación de servicio (caída del sistema), al leer el fichero /proc/iomem. Está relacionado con punteros no iniciados y la función request_resource. • https://www.exploit-db.com/exploits/33043 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=192d7a4667c6d11d1a174ec4cad9a3c5d5f9043c http://osvdb.org/54908 http://secunia.com/advisories/35656 http://secunia.com/advisories/36051 http://www.debian.org/security/2009/dsa-1844 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29 http://www.openwall.com/lists/oss-security/2009/06/03/3 http://www.securityfocus.com/bid/35415 http:/ • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 10%CPEs: 147EXPL: 1

CVE-2009-1385 – kernel: e1000_clean_rx_irq() denial of service

https://notcve.org/view.php?id=CVE-2009-1385

Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size. Desbordamiento inferior de entero en la función 1000_clean_rx_irq en drivers/net/e1000/e1000_main.c en el controlador e1000 en Linux kernel anterior a v2.6.30-rc8, el controlador e1000e en el kernel de Linux, y Intel Wired Ethernet (también conocido como e1000) anteriores a v7.5.5 permite a los atacantes remotos causar una denegación de servicios (panic) a través de un tamaño de marco manipulado. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea30e11970a96cfe5e32c03a29332554573b4a10 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html http://osvdb.org/54892 http://secunia.com/advisories/35265 http://secunia.com/advisories/35566 http://secunia.com/advisories/35623 http://secunia.com/advisories/35656 http://secunia.com/advisories/35847 http://secunia.com/advisories/36051 http://secunia.com/advisories/36131 http://secunia.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •

CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2009-1633 – kernel: cifs: fix potential buffer overruns when converting unicode strings sent by server

https://notcve.org/view.php?id=CVE-2009-1633

Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. Múltiples desbordamientos de búfer en el subsistema cifs en el kernel de Linux anterior a v2.6.29.4 permite a servidores remotos CIFS provocar una denegación de servicio (corrupción de memoria) y posiblemente tener otros impactos sin identificar a través de (1) una cadena Unicode mal formada, relacionado con el área de alineación de cadena Unicode en fs/cifs/sess.c; o (2) carateres largos _Unicode, relacionado con fs/cifs/cifssmb.c y la función cifs_readdir en fs/cifs/readdir.c. • http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git%3Ba=commit%3Bh=7b0c8fcff47a885743125dd843db64af41af5a61 http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git%3Ba=commit%3Bh=968460ebd8006d55661dec0fb86712b40d71c413 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=27b87fe52baba0a55e9723030e76fce94fabcea4 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html http:/& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 1

CVE-2009-1758 – kernel: xen: local denial of service

https://notcve.org/view.php?id=CVE-2009-1758

The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges." La función hypervisor_callback en Xen, posiblemente anteriores a v3.4.0, como la que se aplica al kernel de linux v2.6.30-rc4, 2.6.18 y posiblemente otroas versiones permiten a aplicaciones del usuario guess provocar una denegación de servicio (kernel opps) en el sistema invitado mediante cuando se provoca un fallo de segmentación en "determinados rangos de direcciones". • http://lists.xensource.com/archives/html/xen-devel/2009-05/msg00561.html http://secunia.com/advisories/35093 http://secunia.com/advisories/35298 http://www.debian.org/security/2009/dsa-1809 http://www.openwall.com/lists/oss-security/2009/05/14/2 http://www.securityfocus.com/bid/34957 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10313 https://access.redhat.com/security/cve/CVE-2009-1758 https://bugzilla.redhat.com/show_bug.cgi?id= • CWE-399: Resource Management Errors •

CVSS: 4.4EPSS: 0%CPEs: 13EXPL: 3

CVE-2009-1630 – kernel: nfs: fix NFS v4 client handling of MAY_EXEC in nfs_permission

https://notcve.org/view.php?id=CVE-2009-1630

The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver. La función nfs_permission en fs/nfs/dir.c en la implementación cliente NFS en Linux kernel v2.6.29.3 y versiones anteriores, cuando atomic_open está activo, no comprueba la ejecución (también conocido como EXEC or MAY_EXEC) de permisos de bits, lo cual permite a usuarios locales evitar permisos y ejecutar ficheros, como lo demostrado por ficheros en un servidor de ficheros NFSv4. • http://article.gmane.org/gmane.linux.nfs/26592 http://bugzilla.linux-nfs.org/show_bug.cgi?id=131 http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html http://secunia.com/advisories/35106 http://secunia.com/advisories/35298 http://secunia.com/advisories/35394 http&# • CWE-264: Permissions, Privileges, and Access Controls •

1...643 644 645 646 647