CVSS: 1.9EPSS: 0%CPEs: 120EXPL: 0CVE-2008-5700 – kernel: enforce a minimum SG_IO timeout
https://notcve.org/view.php?id=CVE-2008-5700
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program. libata en el kernel de Linux anterior a 2.6.27.9, no establece un tiempo de espera mínimo para solicitudes SG_IO; esto permite a usuarios locales provocar una denegación de servicio (Modo E/S programado en controladores) a través de múltiples invocaciones simultáneas de un programa de test no especificado. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=f2f1fa78a155524b849edf359e42a3001ea652c0 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://openwall.com/lists/oss-security/2008/12/09/2 http://secunia.com/advisories/33706 http://secunia.com/advisories/33756 http://secunia.com/advisories/33758 http://secunia.com/advisories/33854 http://secunia.com/advisories/34252 http://secunia.com/advisories/34762 http://secunia. • CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 0%CPEs: 110EXPL: 1CVE-2008-5702 – kernel: watchdog: ib700wdt.c - buffer_underflow bug
https://notcve.org/view.php?id=CVE-2008-5702
Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call. Desbordamiento inferior de búfer en la función ibwdt_ioctl de drivers/watchdog/ib700wdt.c en el kernel de Linux anterior a 2.6.28-rc1, puede que permita a usuarios locales tener un impacto desconocido a través de determinada llamada /dev/watchdog WDIOC_SETTIMEOUT IOCTL. • http://bugzilla.kernel.org/show_bug.cgi?id=11399 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=7c2500f17d65092d93345f3996cf82ebca17e9ff http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html http://lkml.org/lkml/2008/10/5/173 http://openwall.com/lists/oss-security/2008/12/10/2 http://openwall.com/lists/oss-security/2008/12/17/20 http://o • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.7EPSS: 0%CPEs: 9EXPL: 0CVE-2008-5701
https://notcve.org/view.php?id=CVE-2008-5701
Array index error in arch/mips/kernel/scall64-o32.S in the Linux kernel before 2.6.28-rc8 on 64-bit MIPS platforms allows local users to cause a denial of service (system crash) via an o32 syscall with a small syscall number, which leads to an attempted read operation outside the bounds of the syscall table. Error de índice de array en arch/mips/kernel/scall64-o32.S en el kernel de Linux anterior a 2.6.28-rc8 en plataformas MIPS de 64 bits, permite a usuarios locales provocar una denegación de servicio (caída del sistema) a través de una llamada al sistema 032 con un número de llamada pequeño, esto provoca un intento de operación de lectura fuera del rango de la tabla de la llamada al sistema. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=e807f9574e37a3f202e677feaaad1b7c5d2c0db8 http://openwall.com/lists/oss-security/2008/12/09/1 http://secunia.com/advisories/33078 http://secunia.com/advisories/34981 http://secunia.com/advisories/35011 http://www.debian.org/security/2009/dsa-1787 http://www.debian.org/security/2009/dsa-1794 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.28-rc8 http://www.securityfoc • CWE-189: Numeric Errors •
CVSS: 4.9EPSS: 0%CPEs: 118EXPL: 0CVE-2008-5395
https://notcve.org/view.php?id=CVE-2008-5395
The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses. La función parisc_show_stack de arch/parisc/kernel/traps.c en el kernel de Linux anterior a v2.6.28-rc7 en PA-RISC; permite a usuarios locales provocar una denegación de servicio (caída del sistema) a través de vectores asociados con un intento de retirar de una pila que contiene direcciones de espacio de usuario. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=7a3f5134a8f5bd7fa38b5645eef05e8a4eb62951 http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.28-rc7 http://marc.info/?l=linux-parisc&m=121736357203624&w=2 http://secunia.com/advisories/32933 http://secunia.com/advisories/33756 http://secunia.com/advisories/34981 http://secunia.com/advisories/35011 http://www.debian.org/security/2009/dsa-1787 http://www.debian.org/security/2009& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 110EXPL: 1CVE-2008-5079 – Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service
https://notcve.org/view.php?id=CVE-2008-5079
net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table. net/atm/svc.c en el subsistema ATM del kernel de Linux v2.6.27.8 y anteriores; permite a usuarios locales provocar una denegación de servicio (bucle infinito del kernel) creando dos llamadas a svc_listen al mismo socket y luego leyendo el fichero /proc/net/atm/*vc que está relacionado con la corrupción de la tabla vcc. • https://www.exploit-db.com/exploits/7405 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://marc.info/?l=linux-netdev&m=122841256115780&w=2 http://secunia.com/advisories/32913 http://secunia.com/advisories/33083 http://secunia.com/advisories/33348 http://secunia.com/advisories/33623 http://secunia.com/ • CWE-399: Resource Management Errors •