NotCVE - vendor:"Linux" product:"Linux Kernel" version:" <= 5.1.2"

Page 929 of 5163 results (0.039 seconds)

CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0

CVE-2008-5300 – kernel: fix soft lockups/OOM issues with unix socket garbage collector

https://notcve.org/view.php?id=CVE-2008-5300

Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029. El kernel de Linux 2.6.28 permite a usuarios locales causar una denegación de servicio ( "bloqueo blando" y pérdida del proceso) a través de un gran número de llamadas a la función sendmsg, que no se bloquea durante la recolección de basura AF_UNIX y provoca una situación de memoria insuficiente. Se trata de una vulnerabilidad diferente a CVE-2008-5029. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=473259 http://marc.info/?l=linux-netdev&m=122721862313564&w=2 http://marc.info/?l=linux-netdev&m=122765505415944&w=2 http://osvdb.org/50272 http://secunia.com/advisories/32913 http://secunia.com/advisories/32998 http://secunia.com/advisories/33083 http://secunia.com/advisories/33348 http://secunia.com/advisories/33556 http://secunia.com/advisories/33706 http://secunia.com/advisories/33756 http://secunia.com/a • CWE-399: Resource Management Errors •

CVSS: 7.2EPSS: 0%CPEs: 285EXPL: 0

CVE-2008-5182 – kernel: fix inotify watch removal/umount races

https://notcve.org/view.php?id=CVE-2008-5182

The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount. La funcionalidad inotify en el kernel de Linux v2.6 anteriores a 2.6.28-rc5 que podría permitir a usuarios locales ganar privilegios a través de vectores desconocidos relacionados con las condiciones de carrera en el reloj de eliminación y desmontado. • http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.28-rc5 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html http://secunia.com/advisories/32998 http://secunia.com/advisories/33083 http://secunia.com/advisories/33348 http://secunia.com/advisories/33623 http://secunia.com/advisories/33641 http://secunia.com/advisories/33704 http://secunia.com/advisories/33706 http:/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •

CVSS: 10.0EPSS: 8%CPEs: 260EXPL: 0

CVE-2008-5134 – kernel: libertas: fix buffer overrun

https://notcve.org/view.php?id=CVE-2008-5134

Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response." Desbordamiento de búfer en la función lbs_process_bss en drivers/net/wireless/libertas/scan.c en el subsistema libertas en versiones anteriores a 2.6.27.5 del kernel de linux, permite a los atacantes remotos tener un impacto desconocido a través de un "respuesta inválida de balizamiento/prueba." • http://article.gmane.org/gmane.linux.kernel.wireless.general/23049 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=48735d8d8bd701b1e0cd3d49c21e5e385ddcb077 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html http://openwall.com/lists/oss-security/2008/11/11/2 http://secunia.com/advisories/32998 http://secunia.com/advisories/33641 http://secunia.com/advisories/33706 http://secunia.com/advisories/33854 http://www.debian.org/s • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 110EXPL: 0

CVE-2008-5025 – kernel: hfs: fix namelength memory corruption

https://notcve.org/view.php?id=CVE-2008-5025

Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933. Desbordamiento de búfer basado en pila en la función hfs_cat_find_brec en fs/hfs/catalog.c en versiones del kernel de Linux anteriores a la 2.6.28-RC1 permite a atacantes provocar una denegación de servicio (corrupción de memoria o caida del sistema) a través de una imagen de un sistema de ficheros HFS con un campo "longitud del catálogo" inválido. Esta vulnerabilidad esta relacionada con la CVE-2008-4933. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=d38b7aa7fc3371b52d036748028db50b585ade2e http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html http://openwall.com/lists/oss-security/2008/11/10/1 http://openwall.com/lists/oss-security/2008/11/10/3 http://openwall.com/lists/oss-security/2008/11/10/6 http://openwall.com/lists/oss-security/2008/11/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.9EPSS: 0%CPEs: 114EXPL: 1

CVE-2008-5029 – kernel: Unix sockets kernel panic

https://notcve.org/view.php?id=CVE-2008-5029

The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. La función __scm_destroy de net/core/scm.c en el kernel de Linux 2.6.27.4, 2.6.2 y anteriores; realiza llamadas recursivas indirectas a sí mismo a través de llamadas a la función fput; esto permite a usuarios locales provocar una denegación de servicio (pánico) a través de vectores relacionados con el envío de un mensaje SCM_RIGTHS a través de un socket de dominio UNIX y cerrando los descriptores de ficheros. • http://archives.neohapsis.com/archives/bugtraq/2009-01/0006.html http://darkircop.org/unix.c http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.9 http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html http://marc.info/?l=linux-netdev&m=122593044330973&w=2 http://secunia.com/advisories/32918 http://s •

1...927 928 929 930 931