NotCVE - vendor:"Linux" product:"Linux Kernel" version:" <= 4.13.7"

Page 781 of 4771 results (0.017 seconds)

CVSS: 4.9EPSS: 0%CPEs: 17EXPL: 1

CVE-2011-2496 – kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions

https://notcve.org/view.php?id=CVE-2011-2496

Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping. Desbordamiento de entero en la función vma_to_resize de mm/mremap.c del kernel de Linux en versiones anteriores a la 2.6.39. Permite a usuarios locales provocar una denegación de servicio (BUG_ON y caída del sistema) a través de una llamada del sistema mremap modificada que expande el mapeo de memoria ("memory mapping"). • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=982134ba62618c2d69fbbbd166d0a11ee3b7e3d8 http://www.openwall.com/lists/oss-security/2011/06/27/2 https://bugzilla.redhat.com/show_bug.cgi?id=716538 https://github.com/torvalds/linux/commit/982134ba62618c2d69fbbbd166d0a11ee3b7e3d8 https://access.redhat.com/security/cve/CVE-2011-2496 • CWE-189: Numeric Errors •

CVSS: 6.2EPSS: 0%CPEs: 68EXPL: 0

CVE-2011-2905 – kernel: perf tools: may parse user-controlled configuration file

https://notcve.org/view.php?id=CVE-2011-2905

Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory. Vulnerabilidad de ruta de no confianza en la función perf_config en tools/perf/util/config.c en perf, distribuido en el kernel de Linux antes de v3.1, permite a usuarios locales sobreescribir archivos arbitrarios mediante un archivo de configuración diseñado en el directorio de trabajo actual. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=aba8d056078e47350d85b06a9cabd5afcc4b72ea http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.openwall.com/lists/oss-security/2011/08/09/6 https://bugzilla.redhat.com/show_bug.cgi?id=729808 https://github.com/torvalds/linux/commit/aba8d056078e47350d85b06a9cabd5afcc4b72ea https://access.redhat.com/security/cve/CVE-2011-2905 •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2011-3191 – kernel: cifs: signedness issue in CIFSFindNext()

https://notcve.org/view.php?id=CVE-2011-3191

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. Error de signo de entero en la función CIFSFindNext en fs/cifs/cifssmb.c en el kernel de Linux antes de v3.1 permite a los servidores CIFS remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de un valor de gran longitud en una respuesta a una petición de lectura de un directorio. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9438fabb73eb48055b58b89fc51e0bc4db22fabd http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.openwall.com/lists/oss-security/2011/08/24/2 https://bugzilla.redhat.com/show_bug.cgi?id=732869 https://github.com/torvalds/linux/commit/9438fabb73eb48055b58b89fc51e0bc4db22fabd https://access.redhat.com/security/cve/CVE-2011-3191 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.9EPSS: 0%CPEs: 51EXPL: 0

CVE-2011-2909

https://notcve.org/view.php?id=CVE-2011-2909

The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c in the Linux kernel before 3.1 allows local users to obtain sensitive information from kernel memory via a copy of a short string. La función do_devinfo_ioctl en drivers/staging/comedi/comedi_fops.c en el kernel de Linux anterior a 3.1 permite a usuarios locales obtener información sensible de la memoria del kernel a través de una copia de una cadena corta. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=819cbb120eaec7e014e5abd029260db1ca8c5735 http://www.openwall.com/lists/oss-security/2011/08/12/1 https://github.com/torvalds/linux/commit/819cbb120eaec7e014e5abd029260db1ca8c5735 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.1.bz2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1

CVE-2011-2482 – kernel: sctp dos

https://notcve.org/view.php?id=CVE-2011-2482

A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet. Cierto parche Red Hat para la función sctp_sock_migrate en net/sctp/socket.c en el Linux Kernel anterior a v2.6.21, como se utilizaba en Red Hat Enterprise Linux (RHEL) 5, permite a atacantes remotos causar una denegación de servicio (Null pointer dereference y OOPS) mediante un paquete SCTP. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d http://rhn.redhat.com/errata/RHSA-2011-1212.html http://www.openwall.com/lists/oss-security/2011/08/30/1 https://bugzilla.redhat.com/show_bug.cgi?id=714867 https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d https://access.redhat.com/security/cve/CVE-2011-2482 • CWE-476: NULL Pointer Dereference •

1...779 780 781 782 783