Page 966 of 5187 results (0.020 seconds)

CVSS: 7.5EPSS: 5%CPEs: 7EXPL: 1

CVE-2006-4997

https://notcve.org/view.php?id=CVE-2006-4997

The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference). La función clip_mkip en net/atm/clip.c del subsistema ATM en el núcleo Linux permite a atacantes remotos provocar una denegación de servicio (panico) mediante vectores no identificados que provocan que el subsisstema ATM acceda a la memoria de búferes de sockets después de que hayan sido liberados (referencia a puntero liberado). • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206265 http://secunia.com/advisories/22253 http://secunia.com/advisories/22279 http://secunia.com/advisories/22292 http://secunia.com/advisories/22497 http://secunia.com/advisories/22762 http://secunia.com/advisories/22945 http://secunia.com/advisories/23064 http://secunia.com/advisories/23370 http://secunia.com/advisories/23384 http://secunia.com/advisories/23395 http://secunia.com/advisories/23474 http://secunia.com/ • CWE-416: Use After Free •

CVSS: 2.1EPSS: 0%CPEs: 201EXPL: 0

CVE-2006-5174

https://notcve.org/view.php?id=CVE-2006-5174

The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer. La función copy_from_user en el código uaccess en Linux kernel 2.6 anterior a 2.6.19-rc1, cuando funciona sobre s390, no correctamente claro un búfer del núcleo, lo cuál permite que los programas locales del espacio del usuario lean porciones de la memoria del núcleo “añadiendo a un archivo una mala dirección,” lo que dispara una falta que previene la memoria no usada se limpie en el búfer del nucleo. • http://lkml.org/lkml/2006/11/5/46 http://rhn.redhat.com/errata/RHSA-2007-0014.html http://secunia.com/advisories/22289 http://secunia.com/advisories/22497 http://secunia.com/advisories/23064 http://secunia.com/advisories/23370 http://secunia.com/advisories/23395 http://secunia.com/advisories/23474 http://secunia.com/advisories/23997 http://secunia.com/advisories/24206 http://securitytracker.com/id?1017090 http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm •

CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 0

CVE-2006-5158 – NFS lockd deadlock

https://notcve.org/view.php?id=CVE-2006-5158

The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock. El nlmclnt_mark_reclaim en clntlock.c en NFS lockd en el kernel de Linux en versiones anteriores a 2.6.16 permite a atacantes remotos provocar una denegación de servicio (caída de proceso) y denegación de acceso a exportaciones NFS a través de vectores no especificados que desencadenan un oops en el kernel (referencia nula) y bloqueo mutuo. • http://marc.info/?l=linux-kernel&m=113476665626446&w=2 http://marc.info/?l=linux-kernel&m=113494474208973&w=2 http://rhn.redhat.com/errata/RHSA-2007-0488.html http://secunia.com/advisories/23361 http://secunia.com/advisories/23384 http://secunia.com/advisories/23752 http://secunia.com/advisories/25838 http://secunia.com/advisories/26289 http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2 • CWE-667: Improper Locking •

CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0

CVE-2006-4535

https://notcve.org/view.php?id=CVE-2006-4535

The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are also affected, due to backporting of the CVE-2006-3745 patch. El Linux kernel 2.6.17.10 y 2.6.17.11 y 2.6.18-rc5 permite a usuarios locales provocar una denegación de servicio (caída) vía un socket SCTP con un cierto valor SO_LINGER, posiblemente relacionado con el parche para CVE-2006-3745. NOTA: versiones anteriores del núcleo para las distribuciones Linux especificadas están también afectadas, debido a la portabilidad hacia atrás del parche CVE-2006-3745. • http://secunia.com/advisories/21945 http://secunia.com/advisories/21967 http://secunia.com/advisories/22082 http://secunia.com/advisories/22093 http://secunia.com/advisories/22292 http://secunia.com/advisories/22382 http://secunia.com/advisories/22945 http://securitytracker.com/id?1016992 http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm http://www.debian.org/security/2006/dsa-1183 http://www.debian.org/security/2006/dsa-1184 http://www.mail-archive.com/ke • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 9%CPEs: 1EXPL: 0

CVE-2006-4623

https://notcve.org/view.php?id=CVE-2006-4623

The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet. EL componente de desencapsulación Unidirectional Lightweight Encapsulation (ULE) en dvb-core/dvb_net.c en el controlador dvb en el Kernel 2.6.17.8 de Linux permite a un atacante remoto provocar una denegación de servicio (caida) a través de la longitud SNDU de 0 en un paquete ULE. • http://lkml.org/lkml/2006/8/20/278 http://secunia.com/advisories/21820 http://secunia.com/advisories/22292 http://secunia.com/advisories/22382 http://secunia.com/advisories/22441 http://secunia.com/advisories/22945 http://secunia.com/advisories/23474 http://secunia.com/advisories/25691 http://secunia.com/advisories/25714 http://secunia.com/advisories/26139 http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm http://www.debian.org/security/2007/dsa-1304 ht •