CVSS: 4.0EPSS: 0%CPEs: 9EXPL: 0CVE-2011-4347 – kernel: kvm: device assignment DoS
https://notcve.org/view.php?id=CVE-2011-4347
The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service (host OS crash) via a KVM_ASSIGN_PCI_DEVICE operation. La función kvm_vm_ioctl_assign_device en virt/kvm/assigned-dev.c de los subsistemas KVM en los kernel Linux anteriores a v3.1.10 no verifica los permisos de acceso al espacio de configuración PCI y recursos BAR, permitiendo que usuarios del SO asignen dispositivos PCI y provoquen una denegación del servicio (parada del SO) mediante una operación KVM_ASSIGN_PCI_DEVICE. • http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.10 http://www.openwall.com/lists/oss-security/2011/11/24/7 https://bugzilla.redhat.com/show_bug.cgi?id=756084 https://github.com/torvalds/linux/commit/c4e7f9022e506c6635a5037713c37118e23193e4 https://access.redhat.com/security/cve/CVE-2011-4347 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 3CVE-2012-0055 – OverlayFS inode Security Checks - 'inode.c' Local Security Bypass
https://notcve.org/view.php?id=CVE-2012-0055
OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions. OverlayFS en el kernel de Linux versiones anteriores a 3.0.0-16.28, como es usado en Ubuntu versiones 10.0.4 LTS y 11.10, carece de verificaciones de seguridad de inode que podrían permitir a atacantes omitir las restricciones de seguridad y llevar a cabo acciones no autorizadas. • https://www.exploit-db.com/exploits/36571 http://www.openwall.com/lists/oss-security/2012/01/17/11 http://www.ubuntu.com/usn/USN-1363-1 http://www.ubuntu.com/usn/USN-1364-1 http://www.ubuntu.com/usn/USN-1384-1 https://access.redhat.com/security/cve/cve-2012-0055 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/915941 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-0055 • CWE-862: Missing Authorization •
CVSS: 4.9EPSS: 0%CPEs: 84EXPL: 0CVE-2011-4086 – kernel: jbd2: unmapped buffer with _Unwritten or _Delay flags set can lead to DoS
https://notcve.org/view.php?id=CVE-2011-4086
The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal. La función journal_unmap_buffer en fs/jbd2/transaction.c en el kernel de linux anterior a v3.3.1 no maneja correctamente el "buffer head states" _Delay y _Unwritten, permitiendo a usuarios locales causar una denegación de servicio aprovechándose de la presencia de un sistema de ficheros ext4 que está montado con journal • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=15291164b22a357cb211b618adfef4fa82fc0de3 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html http://rhn.redhat.com/errata/RHSA-2012-0571.html http://rhn.redhat.com/errata/RHSA-2012-0670.html http://secunia.com/advisories/48898 http://secunia.com/advisories/48964 http://www.debian.org/security/2012/dsa-2469 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 63EXPL: 1CVE-2012-0028 – kernel: futex: clear robust_list on execve
https://notcve.org/view.php?id=CVE-2012-0028
The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process. La implementación de robust futex en el kernel de Linux antes de v2.6.28 no maneja adecuadamente los procesos que realizan llamadas Exec System Recovery, lo que permite a usuarios locales provocar una denegación de servicio o posiblemente obtener privilegios escribiendo en una ubicación de memoria en un proceso hijo. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8141c7f3e7aee618312fa1c15109e1219de784a7 http://www.openwall.com/lists/oss-security/2012/05/08/1 https://bugzilla.redhat.com/show_bug.cgi?id=771764 https://github.com/torvalds/linux/commit/8141c7f3e7aee618312fa1c15109e1219de784a7 https://access.redhat.com/security/cve/CVE-2012-0028 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2012-0038 – kernel: xfs heap overflow
https://notcve.org/view.php?id=CVE-2012-0038
Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow. Desbordamiento de entero en la función xfs_acl_from_disk en fs/xfs/xfs_acl.c en el núcleo de Linux anterior a v3.1.9 que permite a usuarios locales causar una denegación de servicio (panic) a través del sistema de ficheros con una lista ACL mal construida, dando lugar a un desbordamiento de búfer basado en heap. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=093019cf1b18dd31b2c3b77acce4e000e2cbc9ce http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa8b18edd752a8b4e9d1ee2cd615b82c93cf8bba http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.9 http://www.openwall.com/lists/oss-security/2012/01/10/11 https://bugzilla.redhat.com/show_bug.cgi?id=773280 https://github.com/torvalds/linux/commit/093019cf1b18dd31b2c3b77acce4e000e2cbc9ce https:/&# • CWE-190: Integer Overflow or Wraparound •