CVSS: 2.1EPSS: 0%CPEs: 33EXPL: 3CVE-2010-1636 – Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass
https://notcve.org/view.php?id=CVE-2010-1636
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor. La función btrfs_ioctl_clone en fs/btrfs/ioctl.c en la funcionalidad btrfs del kernel de Linux v2.6.29 a v2.6.32, y posiblemente otras versiones, no garantiza que un descriptor de archivo clonado ha sido abierto solo para lectura, lo cual permite leer información sensible de un descriptor de fichero de solo escritura a usuarios locales del sistema. • https://www.exploit-db.com/exploits/34001 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395 http://www.openwall.com/lists/oss-security/2010/05/18/10 http://www.openwall.com/lists/oss-security/2010/05/18/2 http://www.openwall.com/lists/oss-security/2010/05/25/8 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579585 https://bugzilla.redhat.com/show_bug.cgi?id=593226 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.9EPSS: 0%CPEs: 303EXPL: 0CVE-2008-7256 – kernel: nfsd: fix vm overcommit crash
https://notcve.org/view.php?id=CVE-2008-7256
mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1643. Vulnerabilidad en el fichero mm/shmem.c para el kernel de Linux anterior a v2.6.28-rc8, cuando "strict overcommint" está habilitado y "CONFIG_SECURITY" deshabilitado, no maneja correctamente la exportación del objeto "shmemfs" por "knfsd", lo cual permite a atacantes provocar una denegación de servicio. NOTA: esta vulnerabilidad existe debido a una incompleta correción para la vulnerabilidad CVE-2010-1643. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1b79cd04fab80be61dcd2732e2423aafde9a4c1c http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.28/ChangeLog-2.6.28-rc8 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.openwall.com/lists/oss-security/2010/05/27/1 https://bugzilla.redhat.com/show_bug.cgi?id=595970 https://exchange.xforce.ibmcloud.com/vulnerabilities/59224 https://access.redhat.com/security/cve/CVE-2008- •
CVSS: 6.9EPSS: 0%CPEs: 293EXPL: 0CVE-2010-1643 – kernel: nfsd: fix vm overcommit crash
https://notcve.org/view.php?id=CVE-2010-1643
mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad en el fichero mm/shmem.c para el kernel de Linux anterior a v2.6.28-rc3, cuando "strict overcommint" está habilitado no maneja correctamente la exportación del objeto "shmemfs" por "knfsd", lo cual permite a atacantes provocar una denegación de servicio. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=731572d39fcd3498702eda4600db4c43d51e0b26 http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://secunia.com/advisories/40645 http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-knfsd-9666 http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.28/ChangeLog-2.6.28-rc3 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.openwall.com/lists/oss& •
CVSS: 4.6EPSS: 0%CPEs: 160EXPL: 0CVE-2010-1641 – kernel: GFS2: The setflags ioctl() doesn't check file ownership
https://notcve.org/view.php?id=CVE-2010-1641
The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request. La función "do_gfs2_set_flags" en "fs/gfs2/file.c" del kernel de Linux anterior a v2.6.34-git10 no comprueba el propietario del archivo, lo que permite a usuarios locales evitar restricciones de acceso intencionadas a través de peticiones SETFLAGS ioctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7df0e0397b9a18358573274db9fdab991941062f http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00000.html http://secunia.com/advisories/40645 http://secunia.com/advisories/43315 http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/incr/patch-2.6.34-git9-git10.bz2 http://www.openwall.com/lists/oss-security/2010/05/25/1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 1.9EPSS: 0%CPEs: 39EXPL: 0CVE-2010-1446
https://notcve.org/view.php?id=CVE-2010-1446
arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke. arch/powerpc/mm/fsl_booke_mmu.c en KGDB del kernel de Linux v2.6.30 y otras versiones anteriores a la v2.6.33, cuando se ejecuta en PowerPC, no realiza apropiadamente una comprobación de seguridad para acceder a la página del kernel, lo que permite a usuarios locales sobreescribir arbitrariamente la memoria del kernel, relacionado con Fsl booke. • http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://lkml.org/lkml/2010/5/10/458 http://secunia.com/advisories/39830 http://secunia.com/advisories/40645 http://www.debian.org/security/2010/dsa-2053 http://www.openwall.com/lists/oss-security/2010/04/29/3 http://www.openwall.com/lists/oss-security/2010/04/29/9 http://www.openwall.com/lists/oss-security/2010/04/30/1 http://www.vupen.com/english/advisories/2010/1857 https:/ • CWE-264: Permissions, Privileges, and Access Controls •