CVE-2007-5498 – missing sanity check in xen block backend driver
https://notcve.org/view.php?id=CVE-2007-5498
The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service (host OS crash) via a request that specifies a large number of blocks.
References:
http://secunia.com/advisories/30116
http://secunia.com/advisories/32918
http://www.redhat.com/support/errata/RHSA-2008-0233.html
http://www.securityfocus.com/bid/29082
http://www.ubuntu.com/usn/usn-679-1
https://bugzilla.redhat.com/show_bug.cgi?id=369531
https://exchange.xforce.ibmcloud.com/vulnerabilities/42274
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9452
https://access.redhat.com/security/cve/CVE-2007-5498
CWE-399: Resource Management Errors
CVE-2008-1675
https://notcve.org/view.php?id=CVE-2008-1675
The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.
References:
http://marc.info/?l=linux-kernel&m=120949204519706&w=2
http://marc.info/?l=linux-kernel&m=120949204619718&w=2
http://marc.info/?l=linux-kernel&m=120949582428998&w=2
http://secunia.com/advisories/30017
http://secunia.com/advisories/30044
http://secunia.com/advisories/30260
http://secunia.com/advisories/30515
http://wiki.rpath.com/Advisories:rPSA-2008-0157
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0157
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog
CWE-399: Resource Management Errors
CVE-2008-1375 – kernel: race condition in dnotify (local DoS, local roothole possible)
https://notcve.org/view.php?id=CVE-2008-1375
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
References:
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
http://lists.vmware.com/pipermail/security-announce/2008/000023.html
http://marc.info/?l=linux-kernel&m=120967963803205&w=2
http://marc.info/?l=linux-kernel&m=120967964303224&w=2
http://secunia.com/advisories/30017
http://secunia.com/advisories/30018
http://secu
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2008-1294 – kernel: setrlimit(RLIMIT_CPUINFO) with zero value doesn't inherit properly across children
https://notcve.org/view.php?id=CVE-2008-1294
Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits.
References:
http://bugs.gentoo.org/show_bug.cgi?id=215000
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=9926e4c74300c4b31dee007298c6475d33369df0
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22
http://secunia.com/advisories/30018
http://secunia.com/advisories/30769
http://secunia.com/advisories/31341
http://www.debian.org/security/2008/dsa-1565
http://www.redhat.com/support/errata/RHSA-2008-0612.html
http://www.securityfocus.com/bid/29004&
CWE-20: Improper Input Validation
CWE-399: Resource Management Errors
CVE-2007-6712 – kernel: infinite loop in highres timers (kernel hang)
https://notcve.org/view.php?id=CVE-2007-6712
Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired.
References:
http://git.kernel.org/?p=linux/kernel/git/chris/linux-2.6.git%3Ba=commitdiff%3Bh=13788ccc41ceea5893f9c747c59bc0b28f2416c2
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
http://secunia.com/advisories/30294
http://secunia.com/advisories/30368
http://secunia.com/advisories/30818
http://secunia.com/advisories/31107
http://secunia.com/advisories/31628
http://www.debian.org/security/2008/dsa-1588
http://www.redhat.com/support/errata/RHSA-2008-0275.html
http:/
CWE-189: Numeric Errors
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')