CERTA-2012-AVI-046
Vulnerability from certfr_avis - Published: 2012-02-01 - Updated: 2012-02-01
A large number of vulnerabilities, some of which allow remote arbitrary code execution, are present in VMware ESX and VMware ESXi.
Description
A large number of vulnerabilities exist in VMware ESX and VMware ESXi, some of which are particularly critical and can lead to remote arbitrary code execution.
Solution
Refer to the vendor's security bulletin to obtain the patches (see the Documentation section).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMware ESXi 4.1 ;",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 4.1.",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUn grand nombre de vuln\u00e9rabilit\u00e9s existe dans VMWare ESX et VMware ESXi\ndont certaines, particuli\u00e8rement critiques, peuvent conduire \u00e0 une\nex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1170"
},
{
"name": "CVE-2010-1634",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1634"
},
{
"name": "CVE-2010-2059",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2059"
},
{
"name": "CVE-2011-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2901"
},
{
"name": "CVE-2011-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2694"
},
{
"name": "CVE-2011-2213",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2213"
},
{
"name": "CVE-2010-4649",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4649"
},
{
"name": "CVE-2009-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3560"
},
{
"name": "CVE-2011-1494",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1494"
},
{
"name": "CVE-2011-1044",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1044"
},
{
"name": "CVE-2011-3378",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3378"
},
{
"name": "CVE-2011-2022",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2022"
},
{
"name": "CVE-2011-1080",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1080"
},
{
"name": "CVE-2011-1746",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1746"
},
{
"name": "CVE-2011-0695",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0695"
},
{
"name": "CVE-2011-2522",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2522"
},
{
"name": "CVE-2011-1745",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1745"
},
{
"name": "CVE-2011-1780",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1780"
},
{
"name": "CVE-2011-1078",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1078"
},
{
"name": "CVE-2010-3493",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3493"
},
{
"name": "CVE-2011-1776",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1776"
},
{
"name": "CVE-2011-1171",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1171"
},
{
"name": "CVE-2011-1936",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1936"
},
{
"name": "CVE-2011-1678",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1678"
},
{
"name": "CVE-2011-1593",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1593"
},
{
"name": "CVE-2011-1182",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1182"
},
{
"name": "CVE-2011-1093",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1093"
},
{
"name": "CVE-2011-2517",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2517"
},
{
"name": "CVE-2011-1521",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1521"
},
{
"name": "CVE-2011-1763",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1763"
},
{
"name": "CVE-2011-2192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2192"
},
{
"name": "CVE-2011-0726",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0726"
},
{
"name": "CVE-2011-1015",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1015"
},
{
"name": "CVE-2011-2492",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2492"
},
{
"name": "CVE-2011-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1079"
},
{
"name": "CVE-2011-2525",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2525"
},
{
"name": "CVE-2011-2482",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2482"
},
{
"name": "CVE-2011-1573",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1573"
},
{
"name": "CVE-2011-1166",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1166"
},
{
"name": "CVE-2011-2689",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2689"
},
{
"name": "CVE-2010-0787",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0787"
},
{
"name": "CVE-2011-1172",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1172"
},
{
"name": "CVE-2011-1163",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1163"
},
{
"name": "CVE-2010-2089",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2089"
},
{
"name": "CVE-2010-0547",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0547"
},
{
"name": "CVE-2009-3720",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3720"
},
{
"name": "CVE-2011-1577",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1577"
},
{
"name": "CVE-2011-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2519"
},
{
"name": "CVE-2011-1495",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1495"
},
{
"name": "CVE-2011-0711",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0711"
},
{
"name": "CVE-2011-2491",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2491"
},
{
"name": "CVE-2011-1576",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1576"
},
{
"name": "CVE-2011-2495",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2495"
}
],
"initial_release_date": "2012-02-01T00:00:00",
"last_revision_date": "2012-02-01T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2012-0001 du 30 janvier 2012 :",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0001.html"
}
],
"reference": "CERTA-2012-AVI-046",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-02-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Un grand nombre de vuln\u00e9rabilit\u00e9s, dont certaines permettent d\u0027ex\u00e9cuter\ndu code arbitraire \u00e0 distance, sont pr\u00e9sentes dans VMware ESX et VMware\nESXi.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans VMware ESX et ESXi",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2012-0001 du 30 janvier 2012",
"url": null
}
]
}
CVE-2011-2213 (GCVE-0-2011-2213)
Vulnerability from cvelistv5 – Published: 2011-08-29 18:00 – Updated: 2024-08-06 22:53
Summary
The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880.
Severity
No CVSS data available.
CWE
- n/a
References
13 references
Date Public
2011-06-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:53:17.439Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://patchwork.ozlabs.org/patch/100857/"
},
{
"name": "[netdev] 20110617 [PATCH] inet_diag: fix inet_diag_bc_audit()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://article.gmane.org/gmane.linux.network/198809"
},
{
"name": "RHSA-2011:0927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=714536"
},
{
"name": "[oss-security] 20110620 CVE request: kernel: inet_diag: fix inet_diag_bc_audit()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/20/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d"
},
{
"name": "[netdev] 20110601 inet_diag insufficient validation?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://article.gmane.org/gmane.linux.network/197206"
},
{
"name": "[netdev] 20110601 Re: inet_diag insufficient validation?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://article.gmane.org/gmane.linux.network/197208"
},
{
"name": "[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/20/13"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3"
},
{
"name": "[netdev] 20110603 Re: inet_diag insufficient validation?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://article.gmane.org/gmane.linux.network/197386"
},
{
"name": "[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/20/16"
},
{
"name": "HPSBGN02970",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-08-19T15:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://patchwork.ozlabs.org/patch/100857/"
},
{
"name": "[netdev] 20110617 [PATCH] inet_diag: fix inet_diag_bc_audit()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://article.gmane.org/gmane.linux.network/198809"
},
{
"name": "RHSA-2011:0927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=714536"
},
{
"name": "[oss-security] 20110620 CVE request: kernel: inet_diag: fix inet_diag_bc_audit()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/20/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d"
},
{
"name": "[netdev] 20110601 inet_diag insufficient validation?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://article.gmane.org/gmane.linux.network/197206"
},
{
"name": "[netdev] 20110601 Re: inet_diag insufficient validation?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://article.gmane.org/gmane.linux.network/197208"
},
{
"name": "[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/20/13"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3"
},
{
"name": "[netdev] 20110603 Re: inet_diag insufficient validation?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://article.gmane.org/gmane.linux.network/197386"
},
{
"name": "[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/20/16"
},
{
"name": "HPSBGN02970",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2213",
"datePublished": "2011-08-29T18:00:00.000Z",
"dateReserved": "2011-05-31T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:53:17.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2482 (GCVE-0-2011-2482)
Vulnerability from cvelistv5 – Published: 2013-06-08 10:00 – Updated: 2024-08-06 23:00
Summary
A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet.
Severity
No CVSS data available.
CWE
- n/a
References
6 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=714867 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2011-1212.html | vendor-advisory, x_refsource_REDHAT |
| http://www.openwall.com/lists/oss-security/2011/08/30/1 | mailing-list, x_refsource_MLIST |
| http://ftp.osuosl.org/pub/linux/kernel/v2.6/Chang… | x_refsource_CONFIRM |
| https://github.com/torvalds/linux/commit/ea2bc483… | x_refsource_CONFIRM |
| http://git.kernel.org/?p=linux/kernel/git/torvald… | x_refsource_CONFIRM |
Date Public
2011-08-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.033Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=714867"
},
{
"name": "RHSA-2011:1212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"name": "[oss-security] 20110830 kernel: CVE-2011-2482/2519",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/30/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-27T00:57:03.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=714867"
},
{
"name": "RHSA-2011:1212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"name": "[oss-security] 20110830 kernel: CVE-2011-2482/2519",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/30/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2482",
"datePublished": "2013-06-08T10:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:34.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2491 (GCVE-0-2011-2491)
Vulnerability from cvelistv5 – Published: 2013-03-01 11:00 – Updated: 2024-08-06 23:00
Summary
The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel before 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call.
Severity
No CVSS data available.
CWE
- n/a
References
6 references
| URL | Tags |
|---|---|
| http://ftp.osuosl.org/pub/linux/kernel/v3.0/Chang… | x_refsource_CONFIRM |
| https://github.com/torvalds/linux/commit/0b760113… | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2011-1212.html | vendor-advisory, x_refsource_REDHAT |
| http://www.openwall.com/lists/oss-security/2011/06/23/6 | mailing-list, x_refsource_MLIST |
| http://git.kernel.org/?p=linux/kernel/git/torvald… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=709393 | x_refsource_CONFIRM |
Date Public
2011-06-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/0b760113a3a155269a3fba93a409c640031dd68f"
},
{
"name": "RHSA-2011:1212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"name": "[oss-security] 20110623 Re: CVE request: kernel: NLM: Don\u0027t hang forever on NLM unlock requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0b760113a3a155269a3fba93a409c640031dd68f"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=709393"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel before 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-27T00:57:03.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/0b760113a3a155269a3fba93a409c640031dd68f"
},
{
"name": "RHSA-2011:1212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"name": "[oss-security] 20110623 Re: CVE request: kernel: NLM: Don\u0027t hang forever on NLM unlock requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/23/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0b760113a3a155269a3fba93a409c640031dd68f"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=709393"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2491",
"datePublished": "2013-03-01T11:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:34.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2492 (GCVE-0-2011-2492)
Vulnerability from cvelistv5 – Published: 2011-07-28 22:00 – Updated: 2024-08-06 23:00
Summary
The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.
Severity
No CVSS data available.
CWE
- n/a
References
9 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2011-0927.html | vendor-advisory, x_refsource_REDHAT |
| http://git.kernel.org/?p=linux/kernel/git/torvald… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=703019 | x_refsource_CONFIRM |
| http://www.kernel.org/pub/linux/kernel/v3.0/testi… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2011/06/24/3 | mailing-list, x_refsource_MLIST |
| http://securitytracker.com/id?1025778 | vdb-entry, x_refsource_SECTRACK |
| http://www.openwall.com/lists/oss-security/2011/06/24/2 | mailing-list, x_refsource_MLIST |
| http://permalink.gmane.org/gmane.linux.bluez.kern… | mailing-list, x_refsource_MLIST |
| http://marc.info/?l=bugtraq&m=139447903326211&w=2 | vendor-advisory, x_refsource_HP |
Date Public
2011-05-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.100Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2011:0927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d03e971cf403305217b8e62db3a2e5ad2d6263f"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703019"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4"
},
{
"name": "[oss-security] 20110624 Re: CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/24/3"
},
{
"name": "1025778",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025778"
},
{
"name": "[oss-security] 20110624 CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/24/2"
},
{
"name": "[linux-bluetooth] 20110508 Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://permalink.gmane.org/gmane.linux.bluez.kernel/12909"
},
{
"name": "HPSBGN02970",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-08-19T15:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2011:0927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d03e971cf403305217b8e62db3a2e5ad2d6263f"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703019"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4"
},
{
"name": "[oss-security] 20110624 Re: CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/24/3"
},
{
"name": "1025778",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025778"
},
{
"name": "[oss-security] 20110624 CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/24/2"
},
{
"name": "[linux-bluetooth] 20110508 Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://permalink.gmane.org/gmane.linux.bluez.kernel/12909"
},
{
"name": "HPSBGN02970",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2492",
"datePublished": "2011-07-28T22:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:34.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2495 (GCVE-0-2011-2495)
Vulnerability from cvelistv5 – Published: 2012-06-13 10:00 – Updated: 2024-08-06 23:00
Summary
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.
Severity
No CVSS data available.
CWE
- n/a
References
6 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2011/06/27/1 | mailing-list, x_refsource_MLIST |
| http://ftp.osuosl.org/pub/linux/kernel/v2.6/Chang… | x_refsource_CONFIRM |
| https://github.com/torvalds/linux/commit/1d1221f3… | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2011-1212.html | vendor-advisory, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=716825 | x_refsource_CONFIRM |
| http://git.kernel.org/?p=linux/kernel/git/torvald… | x_refsource_CONFIRM |
Date Public
2011-06-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.104Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110627 Re: CVE request: kernel: taskstats/procfs io infoleak",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/1d1221f375c94ef961ba8574ac4f85c8870ddd51"
},
{
"name": "RHSA-2011:1212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716825"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d1221f375c94ef961ba8574ac4f85c8870ddd51"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user\u0027s password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-27T00:57:03.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110627 Re: CVE request: kernel: taskstats/procfs io infoleak",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/1d1221f375c94ef961ba8574ac4f85c8870ddd51"
},
{
"name": "RHSA-2011:1212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716825"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d1221f375c94ef961ba8574ac4f85c8870ddd51"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2495",
"datePublished": "2012-06-13T10:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:34.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2517 (GCVE-0-2011-2517)
Vulnerability from cvelistv5 – Published: 2012-05-24 23:00 – Updated: 2024-08-06 23:00
Summary
Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2011-1212.html | vendor-advisory, x_refsource_REDHAT |
| http://git.kernel.org/?p=linux/kernel/git/torvald… | x_refsource_CONFIRM |
| https://github.com/torvalds/linux/commit/208c72f4… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2011/07/01/4 | mailing-list, x_refsource_MLIST |
| http://ftp.osuosl.org/pub/linux/kernel/v2.6/Chang… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=718152 | x_refsource_CONFIRM |
Date Public
2011-06-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2011:1212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=208c72f4fe44fe09577e7975ba0e7fa0278f3d03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03"
},
{
"name": "[oss-security] 20110701 Re: CVE request: kernel: nl80211: missing check for valid SSID size in scan operations",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/01/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718152"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-27T00:57:03.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2011:1212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=208c72f4fe44fe09577e7975ba0e7fa0278f3d03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/208c72f4fe44fe09577e7975ba0e7fa0278f3d03"
},
{
"name": "[oss-security] 20110701 Re: CVE request: kernel: nl80211: missing check for valid SSID size in scan operations",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/01/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718152"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2517",
"datePublished": "2012-05-24T23:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:34.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2519 (GCVE-0-2011-2519)
Vulnerability from cvelistv5 – Published: 2013-12-27 01:00 – Updated: 2024-08-06 23:00
Summary
Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2011/08/30/1 | mailing-list, x_refsource_MLIST |
| http://rhn.redhat.com/errata/RHSA-2011-1212.html | vendor-advisory, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=718882 | x_refsource_CONFIRM |
| http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644 | x_refsource_MISC |
Date Public
2013-08-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20130830 kernel: CVE-2011-2482/2519",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/30/1"
},
{
"name": "RHSA-2011:1212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718882"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-27T00:57:03.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20130830 kernel: CVE-2011-2482/2519",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/30/1"
},
{
"name": "RHSA-2011:1212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=718882"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2519",
"datePublished": "2013-12-27T01:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:34.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2522 (GCVE-0-2011-2522)
Vulnerability from cvelistv5 – Published: 2011-07-29 20:00 – Updated: 2024-08-06 23:00
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
21 references
Date Public
2011-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2011:121",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:121"
},
{
"name": "74071",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/74071"
},
{
"name": "HPSBNS02701",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543"
},
{
"name": "SSRT100664",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133527864025056\u0026w=2"
},
{
"name": "HPSBUX02768",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133527864025056\u0026w=2"
},
{
"name": "1025852",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025852"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.samba.org/show_bug.cgi?id=8290"
},
{
"name": "DSA-2290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2290"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.samba.org/samba/security/CVE-2011-2522"
},
{
"name": "45393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45393"
},
{
"name": "45496",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45496"
},
{
"name": "45488",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45488"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=721348"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://samba.org/samba/history/samba-3.5.10.html"
},
{
"name": "SSRT100598",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543"
},
{
"name": "17577",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/17577"
},
{
"name": "8317",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8317"
},
{
"name": "JVN#29529126",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN29529126/index.html"
},
{
"name": "USN-1182-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-1182-1"
},
{
"name": "48899",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48899"
},
{
"name": "samba-swat-csrf(68843)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68843"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-12T17:57:02.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDVSA-2011:121",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:121"
},
{
"name": "74071",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/74071"
},
{
"name": "HPSBNS02701",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543"
},
{
"name": "SSRT100664",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133527864025056\u0026w=2"
},
{
"name": "HPSBUX02768",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133527864025056\u0026w=2"
},
{
"name": "1025852",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025852"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.samba.org/show_bug.cgi?id=8290"
},
{
"name": "DSA-2290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2290"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.samba.org/samba/security/CVE-2011-2522"
},
{
"name": "45393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45393"
},
{
"name": "45496",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45496"
},
{
"name": "45488",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45488"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=721348"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://samba.org/samba/history/samba-3.5.10.html"
},
{
"name": "SSRT100598",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543"
},
{
"name": "17577",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/17577"
},
{
"name": "8317",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8317"
},
{
"name": "JVN#29529126",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN29529126/index.html"
},
{
"name": "USN-1182-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-1182-1"
},
{
"name": "48899",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48899"
},
{
"name": "samba-swat-csrf(68843)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68843"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2011:121",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:121"
},
{
"name": "74071",
"refsource": "OSVDB",
"url": "http://osvdb.org/74071"
},
{
"name": "HPSBNS02701",
"refsource": "HP",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543"
},
{
"name": "SSRT100664",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133527864025056\u0026w=2"
},
{
"name": "HPSBUX02768",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133527864025056\u0026w=2"
},
{
"name": "1025852",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025852"
},
{
"name": "https://bugzilla.samba.org/show_bug.cgi?id=8290",
"refsource": "CONFIRM",
"url": "https://bugzilla.samba.org/show_bug.cgi?id=8290"
},
{
"name": "DSA-2290",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2290"
},
{
"name": "http://www.samba.org/samba/security/CVE-2011-2522",
"refsource": "CONFIRM",
"url": "http://www.samba.org/samba/security/CVE-2011-2522"
},
{
"name": "45393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45393"
},
{
"name": "45496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45496"
},
{
"name": "45488",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45488"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=721348",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=721348"
},
{
"name": "http://samba.org/samba/history/samba-3.5.10.html",
"refsource": "CONFIRM",
"url": "http://samba.org/samba/history/samba-3.5.10.html"
},
{
"name": "SSRT100598",
"refsource": "HP",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c03008543"
},
{
"name": "17577",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/17577"
},
{
"name": "8317",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8317"
},
{
"name": "JVN#29529126",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN29529126/index.html"
},
{
"name": "USN-1182-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1182-1"
},
{
"name": "48899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48899"
},
{
"name": "samba-swat-csrf(68843)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68843"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2522",
"datePublished": "2011-07-29T20:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:34.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2525 (GCVE-0-2011-2525)
Vulnerability from cvelistv5 – Published: 2012-02-02 02:00 – Updated: 2024-08-06 23:00
Summary
The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=720552 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2011-1065.html | vendor-advisory, x_refsource_REDHAT |
| http://kerneltrap.org/mailarchive/linux-netdev/20… | mailing-list, x_refsource_MLIST |
| http://mirror.anl.gov/pub/linux/kernel/v2.6/Chang… | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2011-1163.html | vendor-advisory, x_refsource_REDHAT |
| http://openwall.com/lists/oss-security/2011/07/12/1 | mailing-list, x_refsource_MLIST |
| http://git.kernel.org/?p=linux/kernel/git/torvald… | x_refsource_CONFIRM |
Date Public
2010-05-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720552"
},
{
"name": "RHSA-2011:1065",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1065.html"
},
{
"name": "[netdev] 20100521 tc: RTM_GETQDISC causes kernel OOPS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://kerneltrap.org/mailarchive/linux-netdev/2010/5/21/6277805"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.35"
},
{
"name": "RHSA-2011:1163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1163.html"
},
{
"name": "[oss-security] 20110712 CVE-2011-2525 kernel: kernel: net_sched: fix qdisc_notify()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/07/12/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53b0f08042f04813cd1a7473dacd3edfacb28eb3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-07T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720552"
},
{
"name": "RHSA-2011:1065",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1065.html"
},
{
"name": "[netdev] 20100521 tc: RTM_GETQDISC causes kernel OOPS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://kerneltrap.org/mailarchive/linux-netdev/2010/5/21/6277805"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.35"
},
{
"name": "RHSA-2011:1163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1163.html"
},
{
"name": "[oss-security] 20110712 CVE-2011-2525 kernel: kernel: net_sched: fix qdisc_notify()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/07/12/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53b0f08042f04813cd1a7473dacd3edfacb28eb3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2525",
"datePublished": "2012-02-02T02:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:00:34.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2689 (GCVE-0-2011-2689)
Vulnerability from cvelistv5 – Published: 2011-07-28 22:00 – Updated: 2024-08-06 23:08
Summary
The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2011/07/13/1 | mailing-list, x_refsource_MLIST |
| http://rhn.redhat.com/errata/RHSA-2011-1065.html | vendor-advisory, x_refsource_REDHAT |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry, x_refsource_XF |
| http://securitytracker.com/id?1025776 | vdb-entry, x_refsource_SECTRACK |
| http://www.securityfocus.com/bid/48677 | vdb-entry, x_refsource_BID |
| http://www.kernel.org/pub/linux/kernel/v3.0/testi… | x_refsource_CONFIRM |
| http://secunia.com/advisories/45193 | third-party-advisory, x_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=139447903326211&w=2 | vendor-advisory, x_refsource_HP |
| http://git.kernel.org/?p=linux/kernel/git/torvald… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=720861 | x_refsource_CONFIRM |
Date Public
2011-05-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:08:23.784Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110713 CVE-2011-2689 kernel: gfs2: make sure fallocate bytes is a multiple of blksize",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/13/1"
},
{
"name": "RHSA-2011:1065",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1065.html"
},
{
"name": "linux-kernel-gfs2-dos(68557)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68557"
},
{
"name": "1025776",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025776"
},
{
"name": "48677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48677"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc1"
},
{
"name": "45193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45193"
},
{
"name": "HPSBGN02970",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6905d9e4dda6112f007e9090bca80507da158e63"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110713 CVE-2011-2689 kernel: gfs2: make sure fallocate bytes is a multiple of blksize",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/13/1"
},
{
"name": "RHSA-2011:1065",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-1065.html"
},
{
"name": "linux-kernel-gfs2-dos(68557)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68557"
},
{
"name": "1025776",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025776"
},
{
"name": "48677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48677"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc1"
},
{
"name": "45193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45193"
},
{
"name": "HPSBGN02970",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6905d9e4dda6112f007e9090bca80507da158e63"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720861"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2689",
"datePublished": "2011-07-28T22:00:00.000Z",
"dateReserved": "2011-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:08:23.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.