CVSS: 4.9EPSS: 0%CPEs: 33EXPL: 0CVE-2009-4410
https://notcve.org/view.php?id=CVE-2009-4410
The fuse_ioctl_copy_user function in the ioctl handler in fs/fuse/file.c in the Linux kernel 2.6.29-rc1 through 2.6.30.y uses the wrong variable in an argument to the kunmap function, which allows local users to cause a denial of service (panic) via unknown vectors. La función fuse_ioctl_copy_user el manejador ioctl en fs/fuse/file.c en el kernel de Linux v2.6.29-rc1 hasta v2.6.30.y usa la variable incorrecta en un argumento en la función kunmap, lo que permite a usuarios locales causar una denegación de servicio (pánico) a trvés de vectores desconocidos. • http://osvdb.org/61335 http://secunia.com/advisories/37928 http://www.openwall.com/lists/oss-security/2009/12/23/1 http://www.securityfocus.com/bid/37453 https://bugzilla.redhat.com/show_bug.cgi?id=549400 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01344.html •
CVSS: 4.7EPSS: 0%CPEs: 338EXPL: 0CVE-2009-4138 – kernel: firewire: ohci: handle receive packets with a data length of zero
https://notcve.org/view.php?id=CVE-2009-4138
drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field. drivers/firewire/ohci.c en el kernel de Linux anterior a v2.6.32-git9, cuando se usa el modo packet-per-buffer, permite a usuarios locales provocar una denegación de servicio (deferencia a puntero NULL y caída del sistema) o posiblemente otro impacto desconocido a través de un ioctl sin especificar asociado a cuando se recibe un paquete ISO que contiene Zero en el campo payload-length. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8c0c0cc2d9f4c523fde04bdfe41e4380dec8ee54 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://patchwork.kernel.org/patch/66747 http://secunia.com/advisories/38017 http://secunia.com/advisories/38276 http://support.avaya.com/css/P8/documents/ • CWE-399: Resource Management Errors •
CVSS: 4.9EPSS: 0%CPEs: 340EXPL: 0CVE-2009-4306
https://notcve.org/view.php?id=CVE-2009-4306
Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel 2.6.32-git6 and earlier allows local users to cause a denial of service (filesystem corruption) via unknown vectors, a different vulnerability than CVE-2009-4131. Vulnerabilidad sin especificar en la implementación EXT4_IOC_MOVE_EXT (también conocido como "move extents") ioctl en el sistema de ficheros ext4 en el kernel de Linux v2.6.32-git6 y anteriores permite a usuarios locales producir una denegación de servicio (corrupción del sistema de ficheros) a través de vectores desconocidos, una vulnerabilidad diferente que CVE-2009-4131. • http://grsecurity.org/test/grsecurity-2.1.14-2.6.32-200912112157.patch http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html http://secunia.com/advisories/38017 http://twitter.com/fotisl/statuses/6568947714 http://twitter.com/spendergrsec/statuses/6551797457 http://twitter.com/spendergrsec/statuses/6567167692 http://twitter.com/spendergrsec/statuses/6569596339 http://twitter.com/spendergrsec/statuses/6572069107 http://twitter.com/spendergrsec/statuses/6583954567 http://twitter.com& •
CVSS: 7.1EPSS: 2%CPEs: 332EXPL: 1CVE-2009-4307 – kernel: ext4: avoid divide by zero when trying to mount a corrupted file system
https://notcve.org/view.php?id=CVE-2009-4307
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 2.6.32-git6 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). La funcion ext4_fill_flex_info en fs/ext4/super.c en el kernel de Linux anteriores a v2.6.32-git6 permite a atacantes remotos asistidos por el usuario producir una denegación de servicio (error de división por cero y panic) a través de un sistema de ficheros ext4 malformado que contenga un super bloque con un valor de tamaño de grupo FLEX_BG grande (también conocido como valor s_log_groups_per_flex). • http://bugzilla.kernel.org/show_bug.cgi?id=14287 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=503358ae01b70ce6909d19dd01287093f6b6271c http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html http://lkml.org/lkml/2009/12/9/255 http://secunia.com/advisories/37658 http://secunia.com/advisories/38017 http://secunia.com/advisories/38276 http://www.kernel.org&#x • CWE-189: Numeric Errors •
CVSS: 7.1EPSS: 2%CPEs: 331EXPL: 0CVE-2009-4308 – kernel: ext4: Avoid null pointer dereference when decoding EROFS w/o a journal
https://notcve.org/view.php?id=CVE-2009-4308
The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal. La funcion ext4_decode_error en fs/ext4/super.c en el sistema de ficheros ext4 en el kernel de Linux anteriores a v2.6.32 permite a atacantes remotos asistidos por el usuario producir una denegación de servicio (desreferencia a punteru NULL), y posiblemente tienes mas impacto sin especificar, a través de de un sistema de ficheros solo de lectura que carece de journal. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=78f1ddbb498283c2445c11b0dfa666424c301803 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://secunia.com/advisories/37658 http://secunia.com/advisories/38017 http://secunia.com/advisories/38276 http://secunia.com/advisories/43315 http://www • CWE-399: Resource Management Errors CWE-476: NULL Pointer Dereference •