CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2011-1771 – kernel: cifs oops when creating file with O_DIRECT set
https://notcve.org/view.php?id=CVE-2011-1771
The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact by setting the O_DIRECT flag during an attempt to open a file on a CIFS filesystem. La función cifs_close en fs/cifs/file.c en el kernel de Linux antes de su versión v2.6.39 permite a usuarios locales provocar una denegación de servicio (puntero a NULL y Error) o posiblemente tener un impacto no especificado estableciendo el flag O_DIRECT durante un intento de abrir un archivo en un sistema de archivos CIFS. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7797069305d13252fd66cf722aa8f2cbeb3c95cd http://marc.info/?l=linux-cifs&m=130204357001849&w=2 http://marc.info/?l=linux-cifs&m=130204730006155&w=2 http://securityreason.com/securityalert/8367 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://www.openwall.com/lists/oss-security/2011/05/09/2 https://bugzilla.redhat.com/show_bug.cgi?id=703016 https://access.redhat.com/secu • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 2%CPEs: 3EXPL: 0CVE-2011-1770 – kernel: dccp: handle invalid feature options length
https://notcve.org/view.php?id=CVE-2011-1770
Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read. Desbordamiento de entero en la función dccp_parse_options (net/DCCP/options.c) en el kernel de Linux antes de la versión v2.6.33.14 permite a atacantes remotos causar una denegación de servicio a través de un paquete de datagramas del Protocolo de control de congestión (DCCP) con una longitud de opciones de características no válida, lo que provoca una sobre lectura de un búfer. • http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html http://marc.info/?l=linux-kernel&m=130468845209036&w=2 http://marc.info/?l=linux-kernel&m=130469305815140&w=2 http://secunia.com/advisories/44932 http://securityreason.com/securityalert/8286 http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.33/ChangeLog-2.6.33.14 http://www.securityfocus.com/bid/47769 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1019 – kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN
https://notcve.org/view.php?id=CVE-2011-1019
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability. La función dev_load en net/core/dev.c en el kernel de Linux anterior a v2.6.38 permite a usuarios locales eludir las capacidades CAP_SYS_MODULE requeridas y cargar modulos arbitrarios mediante el aprovechamiento de la capacidad CAP_NET_ADMIN. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8909c9ad8ff03611c9c96c9a92656213e4bb495b http://www.openwall.com/lists/oss-security/2011/02/25/1 https://bugzilla.redhat.com/show_bug.cgi?id=680360 https://github.com/torvalds/linux/commit/8909c9ad8ff03611c9c96c9a92656213e4bb495b https://access.redhat.com/security/cve/CVE-2011-1019 •
CVSS: 7.8EPSS: 2%CPEs: 6EXPL: 0CVE-2011-1093 – kernel: dccp: fix oops on Reset after close
https://notcve.org/view.php?id=CVE-2011-1093
The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet. Función dccp_rcv_state_process en net/dccp/input.c en la implementación de Datagram Congestion Control Protocol(DCCP)en el kernel de linux antes de v2.6.38 no maneja adecuadamente paquetes para un extremo cerrado, que permite a atacantes remotos provocar una denegación de servicio ( puntero a NULO y OOPS ) mediante el envío de un paquete DCCP-Close seguido por un paquete DCCP-Reset. • http://downloads.avaya.com/css/P8/documents/100145416 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d http://openwall.com/lists/oss-security/2011/03/08/19 http://openwall.com/lists/oss-security/2011/03/08/4 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 http://www.securityfocus.com/bid/46793 https://bugzilla.redhat.com/show_bug.cgi • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0CVE-2010-4251 – kernel: unlimited socket backlog DoS
https://notcve.org/view.php?id=CVE-2010-4251
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests. La implementación del socket en net/core/sock.c en el kernel de Linux anterior a v2.6.34 no maneja correctamente un retraso de los paquetes recibidos, que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) mediante el envío de una gran cantidad de la red tráfico, como lo demuestran las pruebas netperf UDP. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8eae939f1400326b06d0c9afe53d2a484a326871 http://kerneltrap.org/mailarchive/linux-netdev/2010/3/3/6271093/thread http://secunia.com/advisories/46397 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/46637 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/sh • CWE-400: Uncontrolled Resource Consumption •