Page 801 of 4846 results (0.014 seconds)

CVSS: 5.4EPSS: 0%CPEs: 21EXPL: 1

The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading. La implementación de túneles ("tunnels") del kernel de Linux en versiones anteriores a la 2.6.34, si la funcionalidad de túneles está configurada como módulo, permite a atacantes remotos provocar una denegación de servicio (OOPS) enviando un paquete durante la carga del módulo. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d5aa407f59f5b83d2c50ec88f5bf56d40f1f8978 http://www.openwall.com/lists/oss-security/2011/05/05/6 https://bugzilla.redhat.com/show_bug.cgi?id=702303 https://github.com/torvalds/linux/commit/d5aa407f59f5b83d2c50ec88f5bf56d40f1f8978 https://access.redhat.com/security/cve/CVE-2011-1768 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.4EPSS: 0%CPEs: 21EXPL: 1

net/ipv4/ip_gre.c in the Linux kernel before 2.6.34, when ip_gre is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading. net/ipv4/ip_gre.c del kernel de Linux en versiones anteriores a la 2.6.34, si ip_gre es configurado como módulo, permite a atacantes remotos provocar una denegación de servicio (OOPS) enviando un paquete durante la carga del módulo. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c2892f02712e9516d72841d5c019ed6916329794 http://www.openwall.com/lists/oss-security/2011/05/05/6 https://bugzilla.redhat.com/show_bug.cgi?id=702303 https://github.com/torvalds/linux/commit/c2892f02712e9516d72841d5c019ed6916329794 https://access.redhat.com/security/cve/CVE-2011-1767 •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application. La función add_del_listener situada en kernel/taskstats.c del kernel de Linux v2.6.39.1 y versiones anteriores, no impide múltiples registros de los controladores de salida, que permiten a usuarios locales provocar una denegación de servicio (consumo de memoria y CPU), y eludir el OOM Killer, a través de una aplicación modificada. • http://lists.openwall.net/linux-kernel/2011/06/16/605 http://openwall.com/lists/oss-security/2011/06/22/1 http://openwall.com/lists/oss-security/2011/06/22/2 http://www.securityfocus.com/bid/48383 https://bugzilla.redhat.com/show_bug.cgi?id=715436 https://exchange.xforce.ibmcloud.com/vulnerabilities/68150 https://access.redhat.com/security/cve/CVE-2011-2484 • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in the clusterip_proc_write function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux kernel before 2.6.39 might allow local users to cause a denial of service or have unspecified other impact via a crafted write operation, related to string data that lacks a terminating '\0' character. Desbordamiento de búfer en la función clusterip_proc_write en net/ipv4/netfilter/ipt_CLUSTERIP.c en el kernel de Linux en la v2.6.39 y anteriores que podría permitir a usuarios locales provocar una denegación de servicio (caída) o que tienen un impacto no especificado a través de una operación de escritura a mano, en relación a los datos de cadena que carece de un terminador '\ 0'. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=961ed183a9fd080cf306c659b8736007e44065a5 http://marc.info/?l=netfilter&m=129978077509888&w=2 http://marc.info/?l=netfilter-devel&m=130036157327564&w=2 http://securityreason.com/securityalert/8284 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://www.openwall.com/lists/oss-security/2011/03/18/15 http://www.openwall.com/lists/oss-security/2011/03/21/1 http://www.openwall& • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool ioctl call. net/core/ethtool.c en el kernel de Linux anterior a 2.6.36 no inicializa ciertas estructuras de datos, lo que permite a usuarios locales obtener información potencialmente sensible de la memoria dinámica del kernel elevando la capacidad CAP_NET_ADMIN de una llamada ethtool ioctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b00916b189d13a615ff05c9242201135992fcda3 http://openwall.com/lists/oss-security/2011/01/24/9 http://openwall.com/lists/oss-security/2011/01/25/3 http://openwall.com/lists/oss-security/2011/01/25/4 http://openwall.com/lists/oss-security/2011/01/25/5 http://openwall.com/lists/oss-security/2011/01/28/1 http://secunia.com/advisories/46397 http://www.kernel.org/pub/linux/kernel/v2& • CWE-665: Improper Initialization •