CVSS: 5.0EPSS: 6%CPEs: 5EXPL: 0CVE-2012-3364
https://notcve.org/view.php?id=CVE-2012-3364
Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields. Múltiples desbordamientos de búfer basados en pila en Near Field Communication Controller Interface (NCI) en el kernel de Linux antes de v3.4.5 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de tramas de entrada con campos de longitud hechas a mano. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67de956ff5dc1d4f321e16cfbd63f5be3b691b43 http://marc.info/?l=linux-kernel&m=134030878917784&w=2 http://ubuntu.com/usn/usn-1529-1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5 http://www.openwall.com/lists/oss-security/2012/06/27/9 https://github.com/torvalds/linux/commit/67de956ff5dc1d4f321e16cfbd63f5be3b691b43 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.7EPSS: 0%CPEs: 9EXPL: 0CVE-2012-2745 – kernel: cred: copy_process() should clear child->replacement_session_keyring
https://notcve.org/view.php?id=CVE-2012-2745
The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call. La función copy_creds en kernel/cred.c en el kernel de Linux anteriores a v3.3.2 ofrece un reemplazo invalido de claves de sesión a un proceso hijo, permitiendo a usuarios locales causar una denegación de servicio a través de una aplicación especialmente diseñada que utiliza la llamada al sistema fork • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=79549c6dfda0603dba9a70a53467ce62d9335c33 http://rhn.redhat.com/errata/RHSA-2012-1064.html http://secunia.com/advisories/50633 http://secunia.com/advisories/50853 http://secunia.com/advisories/50961 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.2 http://www.securityfocus.com/bid/54365 http://www.securitytracker.com/id?1027236 http://www.ubuntu.com/usn/USN-1567-1 http://www.ub • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 67EXPL: 2CVE-2012-3375 – Linux Kernel 3.2.24 - 'fs/eventpoll.c' Local Denial of Service
https://notcve.org/view.php?id=CVE-2012-3375
The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083. La llamada al sistema epoll_ctl en fs/eventpoll.c en el Kernel de Linux anteriores a v3.2.24 no gestiona de forma adecuada errores ELOOP en operaciones EPOLL_CTL_ADD, lo que permite a usuarios locales provocar una denegación de servicio (consumo de descriptores de ficheros y caída del sistema) a través de una aplicación manipulada que intenta crear una dependencia epoll circular. NOTA: esta vulnerabilidad existe debido a una resolución incorrecta de CVE-2011-1083. The Linux kernel suffers from a local denial of service vulnerability in fs/eventpoll.c. • https://www.exploit-db.com/exploits/19605 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=13d518074a952d33d47c428419693f63389547e9 http://secunia.com/advisories/51164 http://ubuntu.com/usn/usn-1529-1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24 http://www.openwall.com/lists/oss-security/2012/07/04/2 http://www.securitytracker.com/id?1027237 https://bugzilla.redhat.com/show_bug.cgi?id=837502 https://downloads.avaya.com& •
CVSS: 5.0EPSS: 4%CPEs: 10EXPL: 4CVE-2012-2127
https://notcve.org/view.php?id=CVE-2012-2127
fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd. fs/proc/root.c en las implementaciones de procfs del kernel de Linux anteriores a v3.2 no interactua adecuadamente con las llamadas al sistema de CLONE_NEWPID, lo que permite a atacantes remotos provocar una denegación de servicio (pérdida de referencia y consumo excesivo de memoria), haciendo muchas conexiones a un demonio que usa namespaces PID para aislar a los clientes, como lo demuestra vsftpd. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=905ad269c55fc62bee3da29f7b1d1efeba8aa1e1 http://ubuntu.com/usn/usn-1607-1 http://www.kernel.org/pub/linux/kernel/v3.x http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.2.bz2 http://www.openwall.com/lists/oss-security/2012/04/20/25 http://www.openwall.com/lists/oss-security/2012/04/22/1 http://www.securityfocus.com/bid/55774 http://www.ubuntu.com/usn/USN-1594-1 https:& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 1CVE-2011-4913
https://notcve.org/view.php?id=CVE-2011-4913
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket. La función rose_parse_ccitt en la net/rose/rose_subr.c en el kernel de Linux en versiones anteriores a la v2.6.39 no valida los campos FAC_CCITT_DEST_NSAP y FAC_CCITT_SRC_NSAP, lo que permite a atacantes remotos (1) provocar una denegación de servicio (desbordamiento de enteros, corrupción de memoria dinámica, y 'panic' del kernel) a través de un valor de longitud pequeña en los datos enviados a un 'socket' ROSE, o (2) llevar a cabo ataques de desbordamiento de pila basados ??en buffer a través de un valor de longitud demasiado grande en los datos enviados a un 'socket' ROSE. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=be20250c13f88375345ad99950190685eda51eb8 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://www.openwall.com/lists/oss-security/2011/12/28/2 https://bugzilla.redhat.com/show_bug.cgi?id=770777 https://github.com/torvalds/linux/commit/be20250c13f88375345ad99950190685eda51eb8 • CWE-20: Improper Input Validation •