CVE-2007-4567 – Linux Kernel 2.6.22 - IPv6 Hop-By-Hop Header Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-4567
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
• https://www.exploit-db.com/exploits/30902
• http://bugzilla.kernel.org/show_bug.cgi?id=8450
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e76b2b2567b83448c2ee85a896433b96150c92e6
• http://secunia.com/advisories/25505
• http://secunia.com/advisories/28170
• http://secunia.com/advisories/28706
• http://secunia.com/advisories/38015
• http://www.redhat.com/support/errata/RHSA-2010-0019.html
• http://www.redhat.com/support/errata/RHSA-2010-0053.html
• http://ww
• CWE-20: Improper Input Validation
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5966 – kernel: non-root can trigger cpu_idle soft lockup
https://notcve.org/view.php?id=CVE-2007-5966
Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information.
• http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.10
• http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
• http://secunia.com/advisories/28088
• http://secunia.com/advisories/28105
• http://secunia.com/advisories/28141
• http://secunia.com/advisories/28706
• http://secunia.com/advisories/28806
• http://secunia.com/advisories/31628
• http://secunia.com/advisories/36131
• http://secunia.com/advisories/37471
• http://www.debian.org/security/2007/dsa-1436
• http
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-189: Numeric Errors
CVE-2007-6434
https://notcve.org/view.php?id=CVE-2007-6434
Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk function.
• http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc5
• http://osvdb.org/40907
• http://secunia.com/advisories/28070
• http://www.securityfocus.com/bid/26831
• http://www.vupen.com/english/advisories/2007/4200
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2007-6417 – tmpfs: restore missing clear_highpage (kernels from 2.6.11 up)
https://notcve.org/view.php?id=CVE-2007-6417
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).
• http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
• http://marc.info/?l=linux-kernel&m=119627664702379&w=2
• http://marc.info/?l=linux-kernel&m=119743651829347&w=2
• http://marc.info/?l=linux-kernel&m=119769771026243&w=2
• http://osvdb.org/44120
• http://secunia.com/advisories/28141
• http://secunia.com/advisories/28706
• http://secunia.com/advisories/28806
• http://secunia.com/advisories/28971
• http://secunia.com/advisories/32023
• http://www.debian.org/
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-399: Resource Management Errors
CVE-2007-6151 – I4L: fix isdn_ioctl memory issue
https://notcve.org/view.php?id=CVE-2007-6151
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow.
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=eafe1aa37e6ec2d56f14732b5240c4dd09f0613a
• http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html
• http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html
• http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
• http://lists.vmware.com/pipermail/security-announce/2008/000023.html
• http://rhn.redhat.com/errata/RHSA-2008-0055.html
• http://secunia.com/advisories/28626
• http
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer