CVSS: 2.1EPSS: 0%CPEs: 22EXPL: 0CVE-2007-6206 – Issue with core dump owner
https://notcve.org/view.php?id=CVE-2007-6206
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information. La función do_coredump en el archivo fs/exec.c en el kernel de Linux versiones 2.4.x y versiones 2.6.x hasta 2.6.24-rc3, y posiblemente otras versiones, no cambia el UID de un archivo de volcado de núcleo si éste existe antes de una creación de proceso root en un volcado de núcleo en la misma ubicación, lo que podría permitir a los usuarios locales obtener información confidencial. • http://bugzilla.kernel.org/show_bug.cgi?id=3043 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=c46f739dd39db3b07ab5deb4e3ec81e1c04a91af http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html http://lists.vmware.com/pipermail/security-announce/2008/000023.html http://rhn.redhat.com/errata/RHSA-2008 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6063 – Linux Kernel isdn_net_setcfg buffer overflow
https://notcve.org/view.php?id=CVE-2007-6063
Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function. Desbordamiento de búfer en la función isdn_net_setcfg en isdn_net.c en Linux kernel 2.6.23 permite a usuarios loclaes tener un impacto desconocido a través de un argumento manipulado en la función isdn_ioctl. • http://bugzilla.kernel.org/show_bug.cgi?id=9416 http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html http://rhn.redhat.com/errata/RHSA-2008-0055.html http://secunia.com/advisories/27842 http://secunia.com/advisories/27912 http://secunia.com/advisories/28141 http://secunia.com/advisories/28706 http://secunia.com/advisories/28748 http://secunia.com/advisories/28806 http://secunia.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5500 – kernel hang via userspace PTRACE+waitid
https://notcve.org/view.php?id=CVE-2007-5500
The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party information. La función wait_task_stopped en el kernel de Linux versiones anteriores a 2.6.23.8 comprueba un bit TASK_TRACED en vez de un valor exit_state, lo cual permite a usuarios locales provocar una denegación de servicio (caída de máquina) mediante vectores no especificados. NOTA: algunos de estos detalles se han obtenido de información de terceros. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git%3Ba=commitdiff%3Bh=36ef66c5d137b9a31fd8c35d236fb9e26ef74f97 http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html http://rhn.redhat.com/errata/RHSA-2008-0055.html http://secunia.com/advisories/27664 http://secunia.com/advisories/27703 http://secunia.com/adviso •
CVSS: 7.8EPSS: 11%CPEs: 64EXPL: 0CVE-2007-5501
https://notcve.org/view.php?id=CVE-2007-5501
The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference. La función tcp_sacktag_write_queue en el archivo net/ipv4/tcp_input.c en el kernel de Linux versiones 2.6.21 hasta 2.6.23.7 ??y versiones 2.6.24-rc hasta 2.6.24-rc2, permite a atacantes remotos causar una denegación de servicio (bloqueo de aplicación) por medio de respuestas ACK diseñadas que desencadenan una desreferencia del puntero • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=96a2d41a3e495734b63bff4e5dd0112741b93b38 http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html http://lwn.net/Articles/258947 http://secunia.com/advisories/27664 http://secunia.com/advisories/27703 http://secunia.com/advisories/27888 http://secunia.com/advisories/27919 http://secunia.com/advisories/27922 http://secunia.com/advisories/28170 http://secunia.com/advisories/28706 http:// • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-7229
https://notcve.org/view.php?id=CVE-2006-7229
The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_unlock functions, which allows remote attackers to cause a denial of service (machine crash) via a flood of network traffic. El controlador de dispositivo skge 1.5 en el núcleo de Linux 2.6.15 en Ubuntu no utiliza apropiadamente las funciones spin_lock y spin_unlock, lo cual permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) mediante una inundación de tráfico de red. • http://secunia.com/advisories/28971 http://www.securityfocus.com/bid/26511 http://www.ubuntu.com/usn/usn-578-1 https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bug/65631 • CWE-399: Resource Management Errors •