CVSS: 7.8EPSS: 10%CPEs: 122EXPL: 0CVE-2007-0772
https://notcve.org/view.php?id=CVE-2007-0772
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer. El kernel de Linux versión 2.6.13 y otras versiones anteriores a 2.6.20.1, permite a atacantes remotos causar una denegación de servicio (oops) por medio de una petición NFSACL 2 ACCESS que desencadena una liberación de un puntero incorrecto. • http://fedoranews.org/cms/node/2739 http://fedoranews.org/cms/node/2740 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.1 http://osvdb.org/33022 http://secunia.com/advisories/24201 http://secunia.com/advisories/24215 http://secunia.com/advisories/24400 http://secunia.com/advisories/24482 http://secunia.com/advisories/24547 http://secunia.com/advisories/24752 http://secunia.com/advisories/24777 http://secunia.com/advisories/25691 http://www.mandr • CWE-399: Resource Management Errors •
CVSS: 2.1EPSS: 0%CPEs: 122EXPL: 0CVE-2007-0958 – core-dumping unreadable binaries via PT_INTERP
https://notcve.org/view.php?id=CVE-2007-0958
Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump, a variant of CVE-2004-1073. Linux kernel 2.6.x versiones anteriores a 2.6.20 permite a atacantes remotos leer binarios inleibles usando la funcionalidad intérprete (PT_INTERP) y disparar un volcado de memoria, variante de CVE-2004-1073. • http://osvdb.org/35930 http://rhn.redhat.com/errata/RHSA-2007-0488.html http://secunia.com/advisories/24482 http://secunia.com/advisories/24752 http://secunia.com/advisories/24777 http://secunia.com/advisories/25078 http://secunia.com/advisories/25714 http://secunia.com/advisories/25838 http://secunia.com/advisories/26289 http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm http://www.debian.org/security/2007/dsa-1286 http://www.debian.org/security/2007/ •
CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0822
https://notcve.org/view.php?id=CVE-2007-0822
umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents. umount cuando se ejecuta con el kernel de Linux 2.6.15 en el Slackware Linux 10.2 permite a usuarios locales lanzar una referencia a NULL y una caída de la aplicación, mediante la invocación de un programa con el nombre de la ruta (pathname) para un dispositivo de almacenamiento USB que fue montado y luego quitado físicamente, lo que puede permitir a los usuarios obtener información sensible, incluyendo los contenidos de los ficheros esenciales. • http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html http://gotfault.wordpress.com/2007/01/18/umount-bug http://osvdb.org/33652 http://www.mandriva.com/security/advisories?name=MDKSA-2007:053 http://www.securityfocus.com/bid/22850 http://www.securitytracker.com/id?1017729 •
CVSS: 1.9EPSS: 2%CPEs: 2EXPL: 0CVE-2007-0006
https://notcve.org/view.php?id=CVE-2007-0006
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion." El código de prevención de colisiones de números de serial de claves en la función key_alloc_serial en el kernel de Linux versiones 2.6.9 hasta 2.6.20, permite a usuarios locales causar una denegación de servicio (bloqueo) por medio de vectores que desencadenan una desreferencia del null, como se reportó originalmente como una "spinlock CPU recursion". • http://bugzilla.kernel.org/show_bug.cgi?id=7727 http://secunia.com/advisories/24109 http://secunia.com/advisories/24259 http://secunia.com/advisories/24300 http://secunia.com/advisories/24429 http://secunia.com/advisories/24482 http://secunia.com/advisories/24547 http://secunia.com/advisories/24752 http://secunia.com/advisories/25691 http://www.mandriva.com/security/advisories?name=MDKSA-2007:047 http://www.mandriva.com/security/advisories?name=MDKSA-2007:060 http://www. •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2006-5753 – kernel listxattr syscall can corrupt user space programs
https://notcve.org/view.php?id=CVE-2006-5753
Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors. Vulnerabilidad no especificada en la llamada al sistema listxattr del núcleo de Linux, cuando un "inode malo" (bad inode) está presente, permite a usuarios locales provocar una denegación de servicio (corrupción de datos) y posiblemente obtener privilegios mediante vectores no especificados. • http://fedoranews.org/cms/node/2739 http://fedoranews.org/cms/node/2740 http://lkml.org/lkml/2007/1/3/150 http://osvdb.org/33020 http://secunia.com/advisories/23955 http://secunia.com/advisories/23997 http://secunia.com/advisories/24098 http://secunia.com/advisories/24100 http://secunia.com/advisories/24206 http://secunia.com/advisories/24400 http://secunia.com/advisories/24429 http://secunia.com/advisories/24482 http://secunia.com/advisories/24547 http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •