CVSS: 6.2EPSS: 0%CPEs: 68EXPL: 0CVE-2011-2905 – kernel: perf tools: may parse user-controlled configuration file
https://notcve.org/view.php?id=CVE-2011-2905
Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory. Vulnerabilidad de ruta de no confianza en la función perf_config en tools/perf/util/config.c en perf, distribuido en el kernel de Linux antes de v3.1, permite a usuarios locales sobreescribir archivos arbitrarios mediante un archivo de configuración diseñado en el directorio de trabajo actual. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=aba8d056078e47350d85b06a9cabd5afcc4b72ea http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.openwall.com/lists/oss-security/2011/08/09/6 https://bugzilla.redhat.com/show_bug.cgi?id=729808 https://github.com/torvalds/linux/commit/aba8d056078e47350d85b06a9cabd5afcc4b72ea https://access.redhat.com/security/cve/CVE-2011-2905 •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3191 – kernel: cifs: signedness issue in CIFSFindNext()
https://notcve.org/view.php?id=CVE-2011-3191
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. Error de signo de entero en la función CIFSFindNext en fs/cifs/cifssmb.c en el kernel de Linux antes de v3.1 permite a los servidores CIFS remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de un valor de gran longitud en una respuesta a una petición de lectura de un directorio. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9438fabb73eb48055b58b89fc51e0bc4db22fabd http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.openwall.com/lists/oss-security/2011/08/24/2 https://bugzilla.redhat.com/show_bug.cgi?id=732869 https://github.com/torvalds/linux/commit/9438fabb73eb48055b58b89fc51e0bc4db22fabd https://access.redhat.com/security/cve/CVE-2011-3191 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 51EXPL: 0CVE-2011-2909
https://notcve.org/view.php?id=CVE-2011-2909
The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c in the Linux kernel before 3.1 allows local users to obtain sensitive information from kernel memory via a copy of a short string. La función do_devinfo_ioctl en drivers/staging/comedi/comedi_fops.c en el kernel de Linux anterior a 3.1 permite a usuarios locales obtener información sensible de la memoria del kernel a través de una copia de una cadena corta. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=819cbb120eaec7e014e5abd029260db1ca8c5735 http://www.openwall.com/lists/oss-security/2011/08/12/1 https://github.com/torvalds/linux/commit/819cbb120eaec7e014e5abd029260db1ca8c5735 https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.1.bz2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2011-2482 – kernel: sctp dos
https://notcve.org/view.php?id=CVE-2011-2482
A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet. Cierto parche Red Hat para la función sctp_sock_migrate en net/sctp/socket.c en el Linux Kernel anterior a v2.6.21, como se utilizaba en Red Hat Enterprise Linux (RHEL) 5, permite a atacantes remotos causar una denegación de servicio (Null pointer dereference y OOPS) mediante un paquete SCTP. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d http://rhn.redhat.com/errata/RHSA-2011-1212.html http://www.openwall.com/lists/oss-security/2011/08/30/1 https://bugzilla.redhat.com/show_bug.cgi?id=714867 https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d https://access.redhat.com/security/cve/CVE-2011-2482 • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2184
https://notcve.org/view.php?id=CVE-2011-2184
The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960. La función key_replace_session_keyring en security/keys/process_keys.c en el kernel de Linux anterior a v2.6.39.1 no inicializa un determinado miembro de una 'struct', lo que permite a usuarios locales causar una denegación de servicio (puntero a NULL y OOPS) o posiblemente tener un impacto no especificado a través del argumento KEYCTL_SESSION_TO_PARENT a la función keyctl. Se trata de una vulnerabilidad diferente a CVE-2010-2960. • http://alt.swiecki.net/linux_kernel/sys_open-kmem_cache_alloc-2.6.39-rc4.txt http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f7285b5d631fd6096b11c6af0058ed3a2b30ef4e http://securityreason.com/securityalert/8371 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.1 http://www.openwall.com/lists/oss-security/2011/06/03/2 http://www.openwall.com/lists/oss-security/2011/06/06/2 https://lkml.org/lkml/2011/5/23/199 https:&#x • CWE-476: NULL Pointer Dereference •