CVE-2007-5904 – Buffer overflow in CIFS VFS
https://notcve.org/view.php?id=CVE-2007-5904
Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.
• http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git%3Ba=commitdiff%3Bh=133672efbc1085f9af990bdc145e1822ea93bcf3
• http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
• http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html
• http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html
• http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
• http://marc.info/?l=linux-kernel&m=119455843205403&w=2
• http://marc.info/?l=l
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4997 – kernel ieee80211 off-by-two integer underflow
https://notcve.org/view.php?id=CVE-2007-4997
Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an "off-by-two error."
• ftp://ftp.kernel.org/pub/linux/kernel/people/bunk/linux-2.6.16.y/testing/ChangeLog-2.6.16.57-rc1
• http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git%3Ba=commitdiff%3Bh=04045f98e0457aba7d4e6736f37eed189c48a5f7
• http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
• http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
• http://secunia.com/advisories/27555
• http://secunia.com/advisories/27614
• http://secunia.com/advisories/27824
• http://secunia.com
• CWE-189: Numeric Errors
• CWE-190: Integer Overflow or Wraparound
CVE-2007-3850 – kernel LTC31426-4k page mapping support for userspace in 64k kernels
https://notcve.org/view.php?id=CVE-2007-3850
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space.
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=721151d004dcf01a71b12bb6b893f9160284cf6e
• http://osvdb.org/45488
• http://rhn.redhat.com/errata/RHSA-2007-0940.html
• http://secunia.com/advisories/27322
• http://www.securityfocus.com/bid/26161
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10793
• https://access.redhat.com/security/cve/CVE-2007-3850
• https://bugzilla.redhat.com/show_bug.cgi?id=308811
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2007-4133 – prio_tree unit kernel panic
https://notcve.org/view.php?id=CVE-2007-4133
The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors.
• http://secunia.com/advisories/26994
• http://secunia.com/advisories/27322
• http://secunia.com/advisories/28170
• http://secunia.com/advisories/28971
• http://secunia.com/advisories/29058
• http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6
• http://www.debian.org/security/2007/dsa-1381
• http://www.debian.org/security/2008/dsa-1504
• http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4
• http://www.mandriva.com/security/advisories&
CVE-2007-5093 – kernel PWC driver DoS
https://notcve.org/view.php?id=CVE-2007-5093
The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device.
• http://marc.info/?l=linux-kernel&m=118873457814808&w=2
• http://marc.info/?l=linux-kernel&m=118880154122548&w=2
• http://rhn.redhat.com/errata/RHSA-2008-0972.html
• http://secunia.com/advisories/26994
• http://secunia.com/advisories/28170
• http://secunia.com/advisories/28706
• http://secunia.com/advisories/28971
• http://secunia.com/advisories/29058
• http://secunia.com/advisories/30294
• http://secunia.com/advisories/32799
• http://www.debian.org/security/2007/dsa-1381
• http:/
• CWE-399: Resource Management Errors