CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-1601 – kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency
https://notcve.org/view.php?id=CVE-2012-1601
17 May 2012 — The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists. La implementación KVM en el núcleo de Linux anterior a la versión V3.3.6 permite a los usuarios del sistema operativo causar una denegación de servicio (puntero NULL a referencia eliminada y caída del sistema operativo del host) al hacer una llamada ioctl KVM_CREATE_IRQCHIP sobre un... • http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html • CWE-399: Resource Management Errors •
CVSS: 5.7EPSS: 0%CPEs: 10EXPL: 0CVE-2012-1090 – kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount
https://notcve.org/view.php?id=CVE-2012-1090
17 May 2012 — The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO. La función cifs_lookup en fs/cifs/dir.c en el núcleo de Linux anteriores a v3.2.10 permite a usuarios locales causar una denegación de servicio (OOPS) a través de intentos de acceso a un archivo especial, como lo demuestra un FIFO. • http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2012-1097 – kernel: regset: Prevent null pointer reference on readonly regsets
https://notcve.org/view.php?id=CVE-2012-1097
17 May 2012 — The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call. El funcionalidad regset (también conocido como conjunto de registros) en el kernel de Linux antes de v3.2.10 no controla correctamente la ausencia de métodos ."set" y ".get", lo que permite ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c8e252586f8d5de906385d8cf6385fee289a825e • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 3CVE-2012-1146
https://notcve.org/view.php?id=CVE-2012-1146
17 May 2012 — The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events. La función mem_cgroup_usage_unregister_event en mm/memcontrol.c en el núcleo de Linux anteriores a v3.2.10 no maneja apropiadamente múltiples eventos qu... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=371528caec553785c37f73fa3926ea0de84f986f • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-1179 – kernel: thp: __split_huge_page() mapcount != page_mapcount BUG_ON()
https://notcve.org/view.php?id=CVE-2012-1179
17 May 2012 — The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages. El kernel de Linux en versiones anteriores a la v3.3.1, cuando se utiliza KVM, permite causar una denegación de servicio (caída del sistema operativo 'Host') a los usuarios de un sistema operativo invitado, aprovechando el acceso administrativo al sistema operativo... • http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075781.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-2121 – kvm: device assignment page leak
https://notcve.org/view.php?id=CVE-2012-2121
17 May 2012 — The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices. La implementación de KVM en el kernel de Linux en versiones anteriores a la v3.3.4 no gestiona correctamente la relación entre las ranuras de memoria y el IOMMU, lo que permite cau... • http://rhn.redhat.com/errata/RHSA-2012-0676.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-2123 – kernel: fcaps: clear the same personality flags as suid when fcaps are used
https://notcve.org/view.php?id=CVE-2012-2123
17 May 2012 — The cap_bprm_set_creds function in security/commoncap.c in the Linux kernel before 3.3.3 does not properly handle the use of file system capabilities (aka fcaps) for implementing a privileged executable file, which allows local users to bypass intended personality restrictions via a crafted application, as demonstrated by an attack that uses a parent process to disable ASLR. La función cap_bprm_set_creds en security/commoncap.c en el núcleo de Linux antes de v3.3.3 no controla correctamente el uso de las ca... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d52fc5dde171f030170a6cb78034d166b13c9445 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-2319 – kernel: Buffer overflow in the HFS plus filesystem (different issue than CVE-2009-4020)
https://notcve.org/view.php?id=CVE-2012-2319
17 May 2012 — Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020. Múltiples vulnerabilidades de desbordamiento de buffer en la implementación de filesystem hfsplus in el núcleo de Linux antes de la versión v3.3.5 que permite a usuarios locales conseguir privilegios a través de HFS plus filesystem, un problema relacionado con CVE-2009-4020. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f24f892871acc47b40dd594c63606a17c714f77 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 83%CPEs: 2EXPL: 4CVE-2012-0056 – Linux Kernel 2.6.39 < 3.2.2 (x86/x64) - 'Mempodipper' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2012-0056
27 Jan 2012 — The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 1CVE-2011-4077 – kernel: xfs: potential buffer overflow in xfs_readlink()
https://notcve.org/view.php?id=CVE-2011-4077
27 Jan 2012 — Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname. Un desbordamiento de búfer en la función xfs_readlink en fs/xfs/xfs_vnodeops.c en XFS en el kernel de Linux v2.6, cuando CONFIG_XFS_DEBUG está desactivado, permite a usuarios locales provocar una... • http://marc.info/?l=bugtraq&m=139447903326211&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •