CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4075 – kernel: drivers/serial/serial_core.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4075
The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. La función uart_get_count de drivers/serial/serial_core.c del kernel de Linux en versiones anteriores a la 2.6.37-rc1 no inicializa apropiadamente un miembro de una determinada estructura, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila del kernel a través de una llamada ioctl TIOCGICOUNT. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d281da7ff6f70efca0553c288bb883e8605b3862 http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03388.html http://secunia.com/advisories/42884 http://secunia.com/advisories/42890 http://secunia.com/advisories/42963 http://secunia.com/advisories/46397 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc1 http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 1.9EPSS: 0%CPEs: 14EXPL: 0CVE-2010-4078
https://notcve.org/view.php?id=CVE-2010-4078
The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. La función sisfb_ioctl de drivers/video/sis/sis_main.c del kernel de Linux en versiones anteriores a la 2.6.36-rc6 no inicializa apropiadamente un miembro de una determinada estructura, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila del kernel a través de una llamada ioctl FBIOGET_VBLANK. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd02db9de73faebc51240619c7c7f99bee9f65c7 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://secunia.com/advisories/42778 http://secunia.com/advisories/42801 http://www. • CWE-909: Missing Initialization of Resource •
CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 7CVE-2010-4249 – Linux Kernel 2.6.37 - Unix Sockets Local Denial of Service
https://notcve.org/view.php?id=CVE-2010-4249
The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets. La función wait_for_unix_gc de net/unix/garbage.c en el kernel de Linux en versiones anteriores a la 2.6.37-rc3-next-20101125 no selecciona apropiadamente el momento de recolectar la basura de los sockets en uso; lo que permite, a usuarios locales, provocar una denegación de servicio (cuelgue del sistema) a través del uso modificado de las llamadas al sistema "socketpair" y "sendmsg" de los sockets SOCK_SEQPACKET. • https://www.exploit-db.com/exploits/15622 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=9915672d41273f5b77f1b3c29b391ffb7732b84b http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://lkml.org/lkml/2010/11/23/395 http://lkml.org/lkml/2010/11/23/450 http://lkml.org/lkml/2010/11/25/8 http://marc.info/?l=linux-netdev&m=129059035929046&w=2 http://secunia.com/advisories/42354 http://secunia.com/adviso • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.3EPSS: 0%CPEs: 9EXPL: 0CVE-2010-3705 – kernel: sctp memory corruption in HMAC handling
https://notcve.org/view.php?id=CVE-2010-3705
The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array. La función sctp_auth_asoc_get_hmac en net/sctp/auth.c en el kernel de Linux anteriores a v2.6.36 no valida correctamente la matriz hmac_ids de un par SCTP, lo cual permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y panic) a través de un valor manipulado en el último elemento de esta matriz. • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=51e97a12bef19b7e43199fc153cf9bd5f2140362 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://marc.info/?l=linux-kernel&m=128596992418814&w=2 http://secunia.com/advisories/42745 http://www.debian.org/security/2010/dsa-2126 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 http://www.openwall.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2010-3698 – kvm: invalid selector in fs/gs causes kernel panic
https://notcve.org/view.php?id=CVE-2010-3698
The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT). La implementación de KVM en el kernel de Linux anterior a v2.6.36 no recarga adecuadamente los segmentos de registro FS y GS, lo cual permite a usuarios del sistema operativo anfitrión causar una denegación de servicio (cuelgue del sistema operativo anfitrión) a través de una llamada KVM_RUN ioctl junto con una versión modificada de la Tabla de Descriptores Locales (LDT). • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9581d442b9058d3699b4be568b6e5eae38a41493 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://secunia.com/advisories/42745 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 http://www.redhat.com/support/errata/RHSA-2010-0842.html http://www.redhat.com/support/errata/RHSA-2010-0898.html http:/&#x • CWE-400: Uncontrolled Resource Consumption •