Linux Kernel Security Vulnerabilities and Issues — Page 2 of Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

72 matches found

CVE•added 2008/11/10 4:15 p.m.•59 views

CVE-2008-5033

The chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service (NULL function pointer dereference and OOPS) via unknown vectors.

7.8CVSS6.9AI score0.00557EPSS

CVE•added 2008/10/21 12:10 a.m.•58 views

CVE-2008-4618

The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via unspecified vectors, related to sctp_sf_violatio...

7.8CVSS6.1AI score0.01011EPSS

CVE•added 2008/08/08 7:41 p.m.•57 views

CVE-2008-3535

Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the L...

4.9CVSS4.9AI score0.00047EPSS

CVE•added 2008/10/06 7:54 p.m.•57 views

CVE-2008-4445

The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX,...

4.7CVSS4.7AI score0.00179EPSS

CVE•added 2008/01/31 9:0 p.m.•56 views

CVE-2007-4998

cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.

6.9CVSS6.5AI score0.00027EPSS

CVE•added 2008/09/03 2:12 p.m.•56 views

CVE-2008-3792

net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereferen...

7.1CVSS5AI score0.0444EPSS

CVE•added 2008/09/16 11:0 p.m.•56 views

CVE-2008-4113

The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows ...

4.7CVSS4.7AI score0.00179EPSS

CVE•added 2008/01/18 12:0 a.m.•54 views

CVE-2008-0352

The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).

7.8CVSS6.6AI score0.03354EPSS

CVE•added 2008/08/27 8:41 p.m.•54 views

CVE-2008-3526

Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via...

7.8CVSS6AI score0.01908EPSS

CVE•added 2008/08/08 7:41 p.m.•54 views

CVE-2008-3534

The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to al...

4.9CVSS4.9AI score0.00046EPSS

CVE•added 2008/05/08 12:20 a.m.•53 views

CVE-2007-5498

The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service (host OS crash) via a request that specifies a large number of blocks.

4.9CVSS5.7AI score0.0005EPSS

CVE•added 2008/06/30 9:41 p.m.•53 views

CVE-2008-2944

Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CV...

4.9CVSS5.8AI score0.01283EPSS

CVE•added 2008/06/18 7:41 p.m.•52 views

CVE-2008-2750

The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash) and possibly have unspecified other impact via a crafted PPPOL2TP packet that results in a large va...

7.8CVSS7.8AI score0.12059EPSS

CVE•added 2008/05/02 4:5 p.m.•51 views

CVE-2008-1675

The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.

7.2CVSS5.7AI score0.00068EPSS

CVE•added 2008/10/03 5:41 p.m.•51 views

CVE-2008-4410

The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function ca...

4.9CVSS5.7AI score0.00094EPSS

CVE•added 2008/05/02 4:5 p.m.•50 views

CVE-2008-1294

Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits.

2.1CVSS7.2AI score0.00039EPSS

CVE•added 2008/05/12 9:20 p.m.•49 views

CVE-2008-2148

The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.

3.6CVSS6AI score0.00065EPSS

CVE•added 2008/09/04 5:41 p.m.•47 views

CVE-2008-3911

The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based buffer and have unspecified other impact via a crafted read system call for the /proc/sys/sunrpc/tr...

7.2CVSS6.6AI score0.00047EPSS

CVE•added 2008/07/24 3:41 p.m.•44 views

CVE-2008-3247

The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 on x86_64 platforms uses an incorrect size for ldt_desc, which allows local users to cause a denial of service (system crash) or possibly gain privileges via unspecified vectors.

7.2CVSS6.5AI score0.00094EPSS

CVE•added 2008/02/12 9:0 p.m.•43 views

CVE-2008-0163

Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.

4.4CVSS5.7AI score0.00032EPSS

CVE•added 2008/07/09 12:41 a.m.•39 views

CVE-2008-3077

arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the x86_64 platform leaks task_struct references into the sys32_ptrace function, which allows local users to cause a denial of service (system crash) or have unspecified other impact via unknown vectors, possibly a use-after-free vuln...

4.9CVSS6.7AI score0.00065EPSS

CVE•added 2008/08/14 10:41 p.m.•39 views

CVE-2008-3686

The rt6_fill_node function in net/ipv6/route.c in Linux kernel 2.6.26-rc4, 2.6.26.2, and possibly other 2.6.26 versions, allows local users to cause a denial of service (kernel OOPS) via IPv6 requests when no IPv6 input device is in use, which triggers a NULL pointer dereference.

4.9CVSS6.2AI score0.00072EPSS

Total number of security vulnerabilities72