Page 849 of 5145 results (0.021 seconds)

CVSS: 7.1EPSS: 1%CPEs: 11EXPL: 0

Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482. Condición de carrera en la función sctp_rcv de net/sctp/input.c en el kernel Linux anteriores a v2.6.29 permite que atacantes remotos provoquen una denegación de servicio (sistema bloqueado) mediante paquetes SCTP. NOTA: en algunos entornos, este problema se produce por una corrección incompleta para CVE-2011-2482. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ae53b5bd77719fed58086c5be60ce4f22bffe1c6 http://www.openwall.com/lists/oss-security/2012/03/05/2 https://bugzilla.redhat.com/show_bug.cgi?id=757143 https://github.com/torvalds/linux/commit/ae53b5bd77719fed58086c5be60ce4f22bffe1c6 https://access.redhat.com/security/cve/CVE-2011-4348 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error. La función m_stop en fs/proc/task_mmu.c en el kernel de Linux antes de v2.6.39 permite a usuarios locales provocar una denegación de servicio a través de vectores que provocan un error m_start. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=76597cd31470fa130784c78fadb4dab2e624a723 http://www.openwall.com/lists/oss-security/2012/02/06/1 https://bugzilla.redhat.com/show_bug.cgi?id=747848 https://github.com/torvalds/linux/commit/76597cd31470fa130784c78fadb4dab2e624a723 https://access.redhat.com/security/cve/CVE-2011-3637 • CWE-476: NULL Pointer Dereference •

CVSS: 4.9EPSS: 0%CPEs: 314EXPL: 0

The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain functions without properly initializing certain data, which allows local users to cause a denial of service (NULL pointer dereference and O_DIRECT oops), as demonstrated using diotest4 from LTP. La implementación de NFS en el kernel de Linux antes de v2.6.31-rc6 llama a ciertas funciones sin inicializar adecuadamente ciertos datos, lo que permite a usuarios locales provocar una denegación de servicio (desrefenrencia de puntero NULL y oops de O_DIRECT), como se demuestra usando diotest4 de LTP. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=1ae88b2e4 http://www.securityfocus.com/bid/51366 https://bugzilla.redhat.com/show_bug.cgi?id=755455 https://exchange.xforce.ibmcloud.com/vulnerabilities/72297 https://access.redhat.com/security/cve/CVE-2011-4325 • CWE-476: NULL Pointer Dereference •

CVSS: 4.9EPSS: 0%CPEs: 11EXPL: 1

The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem. La función de encode_share_access fs/nfs/nfs4xdr.c en versiones del kernel de Linux anteriores a v2.6.29 permite a usuarios locales provocar una denegación de servicio (caída del sistema) mediante el uso de la llamada al sistema 'mknod' con una ruta de acceso en un sistema de archivos NFSv4. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dc0b027dfadfcb8a5504f7d8052754bf8d501ab9 http://www.openwall.com/lists/oss-security/2012/02/06/3 https://bugzilla.redhat.com/show_bug.cgi?id=755440 https://github.com/torvalds/linux/commit/dc0b027dfadfcb8a5504f7d8052754bf8d501ab9 https://access.redhat.com/security/cve/CVE-2011-4324 •

CVSS: 7.4EPSS: 0%CPEs: 59EXPL: 2

The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume. El kernel de Linux anterior a v3.2.2 no restringe adecuadamente llamadas SG_IO ioctl, permitiendo a usuarios locales eludir restricciones de lectura y escritura en disco mediante el envío de un comando SCSI a (1) un dispositivo de bloques de particiones o (2) un volumen LVM. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0bfc96cb77224736dfa35c3c555d37b3646ef35e http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec8013beddd717d1740cfefb1a9b900deef85462 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://secunia.com/advisories/48898 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2 http://www& • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •