CVSS: 4.7EPSS: 0%CPEs: 10EXPL: 1CVE-2011-2183 – Linux Kernel 2.6.x - KSM Local Denial of Service
https://notcve.org/view.php?id=CVE-2011-2183
Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is enabled, allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted application. Condición de carrera en la función scan_get_next_rmap_item de mm/ksm.c del kernel de Linux en versiones anteriores a la 2.6.39.3, si "Kernel SamePage Merging" (KSM) está habilitado, permite a usuarios locales provocar una denegación de servicio (Resolución de puntero NULL) o posiblemente tener otros impactos sin especificar a través de una aplicación modificada. • https://www.exploit-db.com/exploits/35820 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2b472611a32a72f4a118c069c2d62a1a3f087afd http://www.openwall.com/lists/oss-security/2011/06/06/1 https://bugzilla.redhat.com/show_bug.cgi?id=710338 https://github.com/torvalds/linux/commit/2b472611a32a72f4a118c069c2d62a1a3f087afd https://access.redhat.com/security/cve/CVE-2011-2183 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 2.1EPSS: 0%CPEs: 17EXPL: 1CVE-2011-2493
https://notcve.org/view.php?id=CVE-2011-2493
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem. La función ext4_fill_super de fs/ext4/super.c del kernel de Linux en versiones anteriores a la 2.6.39 no inicializa apropiadamente una determinada estructura de datos de error-report. Lo que permite a usuarios locales provocar una denegación de servicio (OOPS) tratando de montar un sistema de archivos ext4 modificado. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0449641130f5652b344ef6fa39fa019d7e94660a http://www.openwall.com/lists/oss-security/2011/06/24/4 https://github.com/torvalds/linux/commit/0449641130f5652b344ef6fa39fa019d7e94660a •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 5CVE-2011-2928
https://notcve.org/view.php?id=CVE-2011-2928
The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a malformed Be filesystem. La función befs_follow_link en fs/befs/linuxvfs.c en el Kernel de Linux anterior a v 3.1-rc3 no valida el atributo longitud de enlaces simbólicos, lo que permite a usuarios locales provocar una denegación de servicio (desreferencia a puntero incorrecta y OOPS) accediendo a un largo enlace simbólico en un fichero de sistema mal formados. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=338d0f0a6fbc82407864606f5b64b75aeb3c70f2 http://securityreason.com/securityalert/8360 http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.1-rc3 http://www.openwall.com/lists/oss-security/2011/08/19/1 http://www.openwall.com/lists/oss-security/2011/08/19/5 http://www.pre-cert.de/advisories/PRE-SA-2011-06.txt http://www.securityfocus.com/archive/1/519387/100/0/threaded http:/ • CWE-476: NULL Pointer Dereference •
CVSS: 3.3EPSS: 0%CPEs: 51EXPL: 1CVE-2011-1833 – kernel: ecryptfs: mount source TOCTOU race
https://notcve.org/view.php?id=CVE-2011-1833
Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid. Condición de carrera en la función ecryptfs_mount en fs/ecryptfs/main.c en el subsistema eCryptfs en el Kernel de Linux anteriores a v3.1 permite a usuarios locales evitar los permisos de ficheros impuestos a través de montar una unidad con mount.ecryptfs_private con un uid que no coincide. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=764355487ea220fdc2faf128d577d7f679b91f97 http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.ubuntu.com/usn/USN-1188-1 https://bugzilla.redhat.com/show_bug.cgi?id=731172 https://github.com/torvalds/linux/commit/764355487ea220fdc2faf128d577d7f679b91f97 https://access.redhat.com/security/cve/CVE-2011-1833 • CWE-264: Permissions, Privileges, and Access Controls CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 1CVE-2011-2695 – kernel: ext4: kernel panic when writing data to the last block of sparse file
https://notcve.org/view.php?id=CVE-2011-2695
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer. Múltiples errores off-by-one en el subsistema de ext4 en el kernel de Linux antes de v3.0-rc5, permite a usuarios locales provocar una denegación de servicio (BUG_ON y caída del sistema) por acceder a un archivo disperso en el formato de medida con una operación de escritura con un número de bloque correspondiente al mayor número posible de un entero de 32 bits sin signo. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f17722f917b2f21497deb6edc62fb1683daa08e6 http://secunia.com/advisories/45193 http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc5 http://www.openwall.com/lists/oss-security/2011/07/15/7 http://www.openwall.com/lists/oss-security/2011/07/15/8 http://www.spinics.net/lists/linux-ext4/msg25697.html https://bugzilla.redhat.com/show_bug.cgi?id=722557 https://access.redhat.com&# • CWE-193: Off-by-one Error •