Page 897 of 5145 results (0.055 seconds)

CVSS: 7.2EPSS: 4%CPEs: 247EXPL: 0

CVE-2010-1084 – kernel: bluetooth: potential bad memory access with sysfs files

https://notcve.org/view.php?id=CVE-2010-1084

Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service (memory corruption) via a large number of Bluetooth sockets, related to the size of sysfs files in (1) net/bluetooth/l2cap.c, (2) net/bluetooth/rfcomm/core.c, (3) net/bluetooth/rfcomm/sock.c, and (4) net/bluetooth/sco.c. El kernel de Linux desde v2.6.18 hasta v2.6.33, y posiblemente otras versiones, permite a atacantes remotos producir una denegación de servicio (corrupcion de memoria) a traves de un gran numero de sockets Bluetooth, relacionados con ficheros sysfs en (1) net/bluetooth/l2cap.c, (2) net/bluetooth/rfcomm/core.c, (3) net/bluetooth/rfcomm/sock.c, y (4) net/bluetooth/sco.c. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=101545f6fef4a0a3ea8daf0b5b880df2c6a92a69 http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 http://security-tracker.debian.org/tracker/CVE-2010-1084 http://www.debian.org/security/2010/dsa-2053 http://www.openwall.com/lists/oss-security/2010/03/23/1 http://www.redhat.com/support/errata/RHSA-2010-0610.html http://www.securityfocus.com/archive/1/516397/100/0/threaded http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.7EPSS: 0%CPEs: 339EXPL: 0

CVE-2010-1083 – kernel: information leak via userspace USB interface

https://notcve.org/view.php?id=CVE-2010-1083

The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory). La función processcompl_compat en drivers/usb/core/devio.c del kernel de linux v2.6.x a la v2.6.32, y posiblemente otras versiones, no limpia el búfer de transferencia antes de regresar al espacio de usuario cuando falla un comando USB, lo que podría facilitar a atacantes físicamente cercanos obtener información sensible (memoria del kernel). • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html http://lkml.org/lkml/2010/3/30/759 http://lwn.net/Articles/375350 http://secunia.com/advisories/39742 http://secunia.com/advisories/39830 http://secunia.com/advisories/46397 http://support.avaya.com/css/P8/documents/100090459 http://support.avaya.com/css/P8/documents/100113326 http://www.debian.org/security/2010/dsa-2053 http://www.novell.com/linux/security/advisories/2010_23_kernel.html http • CWE-399: Resource Management Errors •

CVSS: 6.9EPSS: 0%CPEs: 252EXPL: 0

CVE-2010-1088 – kernel: fix LOOKUP_FOLLOW on automount "symlinks"

https://notcve.org/view.php?id=CVE-2010-1088

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW. fs/namei.c en Linux kernel desde v2.6.18 hasta v2.6.34, no siempre sigue los enlaces simbólicos de automontado NFS, lo que permite a atacantes producir un impacto desconocido, relacionado con LOOKUP_FOLLOW. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=ac278a9c505092dd82077a2446af8f9fc0d9c095 http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html http://secunia.com/advisories/39742 http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 http://www.debian.org/security/2010/dsa-2053 http://www.mandriva.com/security/advisories?name=MDVSA-2010:088 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.n •

CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2010-1085 – kernel: ALSA: hda-intel: Avoid divide by zero crash

https://notcve.org/view.php?id=CVE-2010-1085

The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service (crash) via unknown manipulations that trigger a divide-by-zero error. La funcion azx_position_ok en hda_intel.c en el kernel de Linux v2.6.33-rc4 y anteriores, cuando correo bajo un chipset AMD780V, permite a atacantes dependientes de contexto producir una denegación de servicio (caída) a través de manipulaciones desconocidas que inician un error de división por cero. • http://lkml.org/lkml/2010/2/5/322 http://nctritech.net/bugreport.txt http://secunia.com/advisories/39649 http://secunia.com/advisories/43315 http://support.avaya.com/css/P8/documents/100088287 http://support.avaya.com/css/P8/documents/100090459 http://www.openwall.com/lists/oss-security/2010/02/22/2 http://www.redhat.com/support/errata/RHSA-2010-0394.html http://www.redhat.com/support/errata/RHSA-2010-0398.html http://www.securityfocus.com/archive/1/516397&#x • CWE-189: Numeric Errors •

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2010-1087 – kernel: NFS: Fix an Oops when truncating a file

https://notcve.org/view.php?id=CVE-2010-1087

The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible. La funcion nfs_wait_on_request en fs/nfs/pagelist.c en Linux kernel desde v2.6.x hasta v2.6.33-rc5 permite a atacantes producir una denegación de servicio (OOPS) a través de vectores desconocidos relacionados con el truncado de un fichero y una operación que no se puede interrumpir. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=9f557cd8073104b39528794d44e129331ded649f http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://secunia.com/advisories/39830 http://secunia.com/advisories/40645 http://secunia.com/advisories/43315 http://www.debian.org/security/2010/dsa-2053 http://www.openwall.com/lists/oss-security/2010/03/03/1 http://www.securityfocus.com/archive/1/516397/100/0/threaded http://www. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •