CVE-2009-1389 – kernel: r8169: fix crash when large packets are received
https://notcve.org/view.php?id=CVE-2009-1389
Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet. Desbordamiento de memoria en el driver RTL8169 NIC (drivers/net/r8169.c) en el kernel de Linux anteriores a v2.6.30 permite a atacantes remotos producir una denegación de servicio (consumo de memoria del kernel y caída) a través de un paquete largo. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=fdd7b4c3302c93f6833e338903ea77245eb510b4 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://lkml.org/lkml/2009/6/8/194 http://marc.info/?l=linux-netdev&m=123462461713724&w=2 http://secunia.com/advisories/35265 http://secunia.com/advisories/35566 http://secunia.com/advisories/35847 http://secunia& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-1961 – Linux Kernel 2.6.x - 'splice' Double Lock Local Denial of Service
https://notcve.org/view.php?id=CVE-2009-1961
The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions. El código de doble bloqueo del inodo de fs/ocfs2/file.c del kernel de Linux v2.6.30 anterior a v2.6.30-rc3, v2.6.27 anterior a v2.6.27.24, v2.6.29 anterior a v2.6.29.4 y puede que otras versiones anteriores a v2.6.19; permite a usuarios locales provocar una denegación de servicio (prevención de creación y borrado de ficheros) a través de una serie de llamadas al sistema anidadas que provocan un bloqueo mutuo -deadlock- entre las funciones generic_file_splice_write, splice_from_pipe y ocfs2_file_splice_write. • https://www.exploit-db.com/exploits/33015 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=7bfac9ecf0585962fe13584f5cf526d8c8e76f17 http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html http://secunia.com/advisories/35390 http://secunia.com/advisories/35394 http://secunia.com/advisories/35656 http • CWE-667: Improper Locking •
CVE-2009-1914 – Linux Kernel 2.6.x (Sparc64) - '/proc/iomem' Local Denial of Service
https://notcve.org/view.php?id=CVE-2009-1914
The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function. La función pci_register_iommu_region de arch/sparc/kernel/pci_common.c del kernel de Linux anterior a v2.6.29 en la plataforma sparc64, permite a usuarios locales provocar una denegación de servicio (caída del sistema), al leer el fichero /proc/iomem. Está relacionado con punteros no iniciados y la función request_resource. • https://www.exploit-db.com/exploits/33043 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=192d7a4667c6d11d1a174ec4cad9a3c5d5f9043c http://osvdb.org/54908 http://secunia.com/advisories/35656 http://secunia.com/advisories/36051 http://www.debian.org/security/2009/dsa-1844 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29 http://www.openwall.com/lists/oss-security/2009/06/03/3 http://www.securityfocus.com/bid/35415 http:/ • CWE-20: Improper Input Validation •
CVE-2009-1385 – kernel: e1000_clean_rx_irq() denial of service
https://notcve.org/view.php?id=CVE-2009-1385
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size. Desbordamiento inferior de entero en la función 1000_clean_rx_irq en drivers/net/e1000/e1000_main.c en el controlador e1000 en Linux kernel anterior a v2.6.30-rc8, el controlador e1000e en el kernel de Linux, y Intel Wired Ethernet (también conocido como e1000) anteriores a v7.5.5 permite a los atacantes remotos causar una denegación de servicios (panic) a través de un tamaño de marco manipulado. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea30e11970a96cfe5e32c03a29332554573b4a10 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html http://osvdb.org/54892 http://secunia.com/advisories/35265 http://secunia.com/advisories/35566 http://secunia.com/advisories/35623 http://secunia.com/advisories/35656 http://secunia.com/advisories/35847 http://secunia.com/advisories/36051 http://secunia.com/advisories/36131 http://secunia.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVE-2009-1633 – kernel: cifs: fix potential buffer overruns when converting unicode strings sent by server
https://notcve.org/view.php?id=CVE-2009-1633
Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. Múltiples desbordamientos de búfer en el subsistema cifs en el kernel de Linux anterior a v2.6.29.4 permite a servidores remotos CIFS provocar una denegación de servicio (corrupción de memoria) y posiblemente tener otros impactos sin identificar a través de (1) una cadena Unicode mal formada, relacionado con el área de alineación de cadena Unicode en fs/cifs/sess.c; o (2) carateres largos _Unicode, relacionado con fs/cifs/cifssmb.c y la función cifs_readdir en fs/cifs/readdir.c. • http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git%3Ba=commit%3Bh=7b0c8fcff47a885743125dd843db64af41af5a61 http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git%3Ba=commit%3Bh=968460ebd8006d55661dec0fb86712b40d71c413 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=27b87fe52baba0a55e9723030e76fce94fabcea4 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html http:/& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •