CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2006-7203 – oops in compat_sys_mount() when data pointer is NULL
https://notcve.org/view.php?id=CVE-2006-7203
The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs"). La función compat_sys_mount en fs/compat.c en Linux kernel 2.6.20 y anteriores permite a usuarios locales provocar denegación de servicio (puntero de referencia NULL y Oops(cuando un evento desconocido interfiere en el funcionamiento normal del núcleo(kernel))) montando un sistema de archivos smbfs en modo compatible ("mount -t smbfs"). • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff_plain%3Bh=822191a2fa1584a29c3224ab328507adcaeac1ab http://rhn.redhat.com/errata/RHSA-2007-0488.html http://secunia.com/advisories/25682 http://secunia.com/advisories/25683 http://secunia.com/advisories/25700 http://secunia.com/advisories/25838 http://secunia.com/advisories/25961 http://secunia.com/advisories/26133 http://secunia.com/advisories/26139 http://secunia.com/advisories/26289 http://secunia.com& •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2007-2525 – PPPoE socket PPPIOCGCHAN denial of service
https://notcve.org/view.php?id=CVE-2007-2525
Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized. Una pérdida de memoria en la implementación del socket PPP over Ethernet (PPPoE) en el kernel de Linux versiones anteriores a 2.6.21-git8, permite a usuarios locales causar una denegación de servicio (consumo de memoria) mediante la creación de un socket usando connect y liberándolo antes de que la ioctl PPPIOCGCHAN sea inicializada • http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.21-git8.log http://rhn.redhat.com/errata/RHSA-2007-0488.html http://secunia.com/advisories/25163 http://secunia.com/advisories/25700 http://secunia.com/advisories/25838 http://secunia.com/advisories/26133 http://secunia.com/advisories/26139 http://secunia.com/advisories/26289 http://secunia.com/advisories/26450 http://secunia.com/advisories/26620 http://secunia.com/advisories/26664 http://secunia.com/a •
CVSS: 4.9EPSS: 0%CPEs: 151EXPL: 1CVE-2007-1861 – Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service
https://notcve.org/view.php?id=CVE-2007-1861
The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow. La función nl_fib_lookup en el archivo net/ipv4/fib_frontend.c en el Kernel de Linux anterior a la versión 2.6.20.8 permite a los atacantes causar una denegación de servicio (kernel panic) por medio de las respuestas NETLINK_FIB_LOOKUP, que desencadenan una recursividad infinita y un desbordamiento de pila. • https://www.exploit-db.com/exploits/29916 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.8 http://secunia.com/advisories/25030 http://secunia.com/advisories/25083 http://secunia.com/advisories/25228 http://secunia.com/advisories/25288 http://secunia.com/advisories/25691 http://secunia.com/advisories/25961 http://secunia.com/advisories/26133 http://secunia.com/advisories/26139 http://secunia.com/advisories/26620 http://www.debian.org/security/2007/dsa- • CWE-399: Resource Management Errors •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2007-2480
https://notcve.org/view.php?id=CVE-2007-2480
The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applications. La función _udp_lib_get_port de _udp_lib_get_port en Linux kernel 2.6.21 y versiones anteriores no previene una asociación a un puerto con una dirección local cuando ya existe una asociación a ese puerto con un comodín de dirección local, lo cual podría permitir a usuarios locales interceptar tráfico local de demonios u otras aplicaciones. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=de34ed91c4ffa4727964a832c46e624dd1495cf5 http://osvdb.org/39235 •
CVSS: 4.9EPSS: 0%CPEs: 15EXPL: 0CVE-2007-0771 – Tracing execution of a threaded executable causes kernel BUG report
https://notcve.org/view.php?id=CVE-2007-0771
The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c. El soporte utrace en el kernel de Linux versión 2.6.18 y otras versiones, permite a usuarios locales causar una denegación de servicio (bloqueo de sistema) relacionado con el "MT exec + utrace_attach spin failure mode," como es demostrado por el archivo ptrace-thrash.c. • http://osvdb.org/35927 http://secunia.com/advisories/25080 http://securitytracker.com/id?1017979 http://www.redhat.com/support/errata/RHSA-2007-0169.html http://www.securityfocus.com/bid/23720 https://bugzilla.redhat.com/show_bug.cgi?id=227952 https://bugzilla.redhat.com/show_bug.cgi?id=228816 https://exchange.xforce.ibmcloud.com/vulnerabilities/34128 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9447 https://access.redhat.com/security/cve/ •