Lucene search
+L

73 matches found

CVE
CVE
added 2010/12/06 8:0 p.m.646 views

CVE-2010-3904

CVE-2010-3904 is a Linux kernel flaw in the RDS implementation where rds_page_copy_user does not validate user-space addresses, enabling local privilege escalation via crafted sendmsg/recvmsg calls. Affected: Linux kernels prior to 2.6.36; fixed in later kernel releases (e.g., Red Hat/CentOS advi...

7.8CVSS6.4AI score0.12159EPSS
In wild
CVE
CVE
added 2010/11/26 7:0 p.m.212 views

CVE-2010-3705

The vulnerability CVE-2010-3705 affects the Linux kernel SCTP code: sctp_auth_asoc_get_hmac in net/sctp/auth.c does not validate the hmac_ids array from a remote peer, enabling remote attackers to trigger memory corruption and a kernel panic. Affected versions are Linux kernel before 2.6.36; reme...

8.3CVSS5.8AI score0.02024EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.210 views

CVE-2010-4249

CVE-2010-4249 affects the Linux kernel before 2.6.37-rc3-next-20101125: the wait_for_unix_gc routine in net/unix/garbage.c does not properly select times for garbage-collecting inflight sockets, enabling local users to cause a denial of service (system hang) by crafting socketpair and sendmsg cal...

4.9CVSS6.8AI score0.00888EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.205 views

CVE-2010-4258

The CVE-2010-4258 issue affects the Linux kernel versions prior to 2.6.36.2. The do_exit function in kernel/exit.c mishandles a KERNEL_DS get_fs value, bypassing access_ok checks and enabling local privilege escalation by overwriting arbitrary kernel memory. Exploitation vectors include use of th...

6.2CVSS6AI score0.02655EPSS
CVE
CVE
added 2010/09/22 6:0 p.m.159 views

CVE-2010-3301

Summary: CVE-2010-3301 affects the Linux kernel IA32 system call emulation on x86_64 where the 32‑bit entry path to ptrace does not zero‑extend %eax, enabling local privilege escalation via an out‑of‑bounds access to the syscall table. Impact: local users can gain privileges. Affected versions: k...

7.2CVSS7.5AI score0.03818EPSS
CVE
CVE
added 2010/12/23 5:0 p.m.150 views

CVE-2010-3881

The CVE-2010-3881 issue affects the Linux kernel arch/x86/kvm/x86.c, where several structure members are not initialized in versions prior to 2.6.36.2. This can allow local users to read potentially sensitive data from kernel stack memory via /dev/kvm. The documented fix is in kernel 2.6.36.2 (an...

2.1CVSS5.8AI score0.0048EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.150 views

CVE-2010-4073

CVE-2010-4073 affects the Linux kernel IPC compatibility code: before 2.6.37-rc1, several compat syscall handlers (ipc/compat.c and ipc/compat_mq.c) fail to initialize certain structures, enabling local attackers to read potentially sensitive kernel stack memory via vectors in compat_sys_semctl, ...

1.9CVSS5.7AI score0.01542EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.150 views

CVE-2010-4158

The CVE-2010-4158 issue affects the Linux kernel (pre-2.6.36.2) where sk_run_filter in net/core/filter.c may execute BPF_S_LD_MEM or BPF_S_LDX_MEM before a memory location is initialized. This can allow local users to read potentially sensitive kernel stack memory via a crafted socket filter. The...

2.1CVSS5.6AI score0.00868EPSS
CVE
CVE
added 2010/11/30 9:19 p.m.148 views

CVE-2010-3858

CVE-2010-3858 is a Linux kernel vulnerability described in MiracleLinux advisories as affecting fs/exec.c with CONFIG_STACK_GROWSDOWN. On 64-bit platforms, for 32-bit applications, the setup_arg_pages function does not properly constrain stack usage of arguments and environment, enabling local us...

4.9CVSS6.3AI score0.00913EPSS
CVE
CVE
added 2010/11/20 9:0 p.m.142 views

CVE-2010-3432

CVE-2010-3432 affects the Linux kernel SCTP stack: sctp_packet_config in net/sctp/output.c initializes packet data structures too aggressively in kernels before 2.6.35.6, enabling remote attackers to trigger a denial of service (panic) via a specific SCTP traffic sequence. Affected component: ker...

7.8CVSS5.7AI score0.05542EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.141 views

CVE-2010-2798

The CVE-2010-2798 entry concerns the Linux kernel prior to 2.6.35, where gfs2_dirent_find_space uses an incorrect size value in calculations related to sentinel directory entries. This can allow local attackers to trigger a denial of service via a NULL pointer dereference and kernel panic, with a...

7.8CVSS7.3AI score0.00414EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.138 views

CVE-2010-3850

CVE-2010-3850: In the Linux kernel, the ec_dev_ioctl function in net/econet/af_econet.c did not require CAP_NET_ADMIN, allowing local users to bypass access restrictions and configure econet addresses via an SIOCSIFADDR ioctl. Documented impact is local privilege/unauthorized configuration; fix a...

2.1CVSS5.8AI score0.00801EPSS
CVE
CVE
added 2010/11/30 10:0 p.m.138 views

CVE-2010-4081

CVE-2010-4081 affects the Linux kernel (sound/pci/rme9652/hdspm.c: snd_hdspm_hwdep_ioctl). The root cause is failure to initialize a structure, enabling local users to read potentially sensitive kernel stack memory via SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO. Affected: kernel versions prior to 2.6.36-r...

1.9CVSS5.5AI score0.00393EPSS
CVE
CVE
added 2010/09/21 5:0 p.m.137 views

CVE-2010-3067

CVE-2010-3067 affects the Linux kernel: an integer overflow in do_io_submit (fs/aio.c) in versions before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly other impact via crafted io_submit usage. The vulnerability is rooted in improper handling within the io_s...

4.9CVSS6.8AI score0.00428EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.135 views

CVE-2010-3442

Technical details for CVE-2010-3442 are not publicly provided in the connected documents. The sources reference the CVE and affected kernel versions but do not describe exploitability, impact specifics, or fixes. Monitor for vendor advisories and updates.

4.7CVSS6.5AI score0.00395EPSS
CVE
CVE
added 2010/12/29 5:27 p.m.133 views

CVE-2010-3859

CVE-2010-3859 stems from multiple signedness errors in the Linux kernel’s TIPC implementation, allowing local privilege escalation via a crafted sendmsg that triggers a heap-based buffer overflow in tipc_msg_build and related iovec handling (verify_iovec). Public sources confirm affected historic...

6.9CVSS7.5AI score0.00397EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.133 views

CVE-2010-4075

The CVE-2010-4075 entry affects the Linux kernel module code: uart_get_count (drivers/serial/serial_core.c) in versions prior to 2.6.37-rc1. The vulnerability arises from not properly initializing a certain structure member, enabling local users to read potentially sensitive information from kern...

1.9CVSS5.5AI score0.00387EPSS
CVE
CVE
added 2010/11/26 6:23 p.m.131 views

CVE-2010-2962

The CVE-2010-2962 issue affects the Intel i915 DRM GEM in the Linux kernel prior to 2.6.36. It arises from insufficient validation of pointers to memory blocks in i915_gem.c, enabling local users to write to kernel memory via crafted ioctl usage (pwrite/pread) and potentially gain privileges.

7.2CVSS6.2AI score0.00483EPSS
CVE
CVE
added 2010/09/30 2:0 p.m.131 views

CVE-2010-3296

CVE-2010-3296 affects the Linux kernel driver cxgb3 (cxgb_extension_ioctl in drivers/net/cxgb3/cxgb3_main.c). The advisory states that the code path in kernels up to 2.6.36-rc5 does not properly initialize a structure member, allowing a local user to potentially read sensitive data from kernel st...

2.1CVSS5.5AI score0.00432EPSS
CVE
CVE
added 2010/12/10 6:0 p.m.131 views

CVE-2010-3880

CVE-2010-3880 affects the Linux kernel (net/ipv4/inet_diag.c) prior to 2.6.37-rc2. The issue is improper auditing of INET_DIAG bytecode, enabling a local user to trigger a kernel infinite loop and cause a denial of service via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message conta...

4.9CVSS5.8AI score0.00435EPSS
CVE
CVE
added 2010/09/21 7:0 p.m.127 views

CVE-2010-3477

The CVE-2010-3477 issue affects the Linux kernel’s net/sched/act_police.c (tcf_act_police_dump) in versions before 2.6.36-rc4. The root cause is incomplete initialization of certain structure members during dump operations, allowing local users to read potentially sensitive kernel memory. The vul...

2.1CVSS5.8AI score0.00404EPSS
CVE
CVE
added 2010/12/10 6:0 p.m.127 views

CVE-2010-4157

CVE-2010-4157 involves an integer overflow in the Linux kernel’s GDTH SCSI driver (gdth_ioctl_alloc/ioc_general) on 64-bit platforms. A 32/64-bit mismatch when handling a large argument in an ioctl can cause memory corruption, enabling a local user to trigger a denial of service (and potentially ...

6.2CVSS7.8AI score0.0054EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.126 views

CVE-2010-3848

CVE-2010-3848 is a Linux kernel vulnerability: a stack-based buffer overflow in econet_sendmsg (net/econet/af_econet.c) when Econet is configured, caused by handling a large number of iovec structures. This allows local privilege escalation. The flaw affects Linux kernels before 2.6.36.2 and is a...

6.9CVSS6.3AI score0.00703EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.126 views

CVE-2010-4072

CVE-2010-4072 affects the Linux kernel: the copy_shmid_to_user function in ipc/shm.c (pre-2.6.37-rc1) does not initialize a certain structure, enabling local users to leak potentially sensitive information from kernel stack memory via the shmctl interface and the old shm interface. Affected produ...

1.9CVSS5.8AI score0.00384EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.125 views

CVE-2010-2495

CVE-2010-2495 affects the Linux kernel’s L2TP implementation (pppol2tp.c). The vulnerability arises from improper validation of certain interface-related values in pppol2tp_xmit, enabling a NULL pointer dereference and an OOPs that can cause a denial of service via routing-change vectors. The iss...

10CVSS6.4AI score0.02931EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.125 views

CVE-2010-2524

CVE-2010-2524 affects the Linux kernel CIFS DNS upcall: when CONFIG_CIFS_DFS_UPCALL is enabled, DNS resolution relies on a user keyring via the dns_resolver upcall in the cifs.upcall userspace helper. This allows local privileged or nearby users to spoof DNS query results and mount arbitrary CIFS...

7.8CVSS7AI score0.00423EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.125 views

CVE-2010-3437

The vulnerability CVE-2010-3437 affects the Linux kernel (before 2.6.36-rc6) in pkt_find_dev_from_minor within drivers/block/pktcdvd.c. A crafted index value passed via PKT_CTRL_CMD_STATUS ioctl can cause a signedness error, enabling local attackers to read kernel memory or trigger a crash (DoS)....

6.6CVSS5.6AI score0.02396EPSS
In wild
CVE
CVE
added 2010/11/26 6:23 p.m.125 views

CVE-2010-3698

The CVE-2010-3698 entry concerns the KVM implementation in Linux kernels prior to 2.6.36. The root cause is that the kernel does not properly reload the FS and GS segment registers when handling KVM_RUN with a modified Local Descriptor Table (LDT). Impact: host OS users can cause a denial of serv...

4.9CVSS5.7AI score0.00421EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.125 views

CVE-2010-3849

CVE-2010-3849 affects the Linux kernel’s econet_sendmsg path (net/econet/af_econet.c) prior to 2.6.36.2, when an Econet address is configured. A local user can trigger a denial of service by issuing a sendmsg with a NULL remote address, causing a NULL pointer dereference and OOPS. The correspondi...

4.7CVSS5.7AI score0.00711EPSS
In wild
CVE
CVE
added 2010/11/30 10:0 p.m.125 views

CVE-2010-4083

CVE-2010-4083 affects the Linux kernel (pre-2.6.36). The vulnerable code path is copy_semid_to_user() in ipc/sem.c, where a structure is not initialized, enabling local attackers to leak kernel stack memory via semctl commands (IPC_INFO, SEM_INFO, IPC_STAT, SEM_STAT). The issue is mitigated by up...

1.9CVSS5.8AI score0.00387EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.124 views

CVE-2010-2959

The CVE-2010-2959 issue affects the Linux kernel CAN subsystem, specifically the can/bcm.c implementation, due to an integer overflow vulnerability. This flaw can allow local attackers to execute arbitrary code or cause a system crash (DoS) via crafted CAN traffic. Public advisories confirm vulne...

7.2CVSS7.8AI score0.03746EPSS
In wild
CVE
CVE
added 2010/12/22 8:0 p.m.124 views

CVE-2010-4346

The vulnerability CVE-2010-4346 affects the Linux kernel: install_special_mapping in mm/mmap.c before 2.6.37-rc6 does not call security_file_mmap as expected, allowing local users to bypass mmap_min_addr restrictions and potentially trigger NULL pointer dereference via a crafted assembly-language...

2.1CVSS5.8AI score0.00402EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.122 views

CVE-2010-2492

CVE-2010-2492 affects the Linux kernel’s eCryptfs component: a buffer overflow in the ecryptfs_uid_hash macro (fs/ecryptfs/messaging.c) could allow local privilege escalation or a denial of service. The MiracleLinux AXSA advisory lists this CVE among kernel issues and specifies the flaw occurs in...

7.8CVSS7.3AI score0.00434EPSS
CVE
CVE
added 2010/11/20 9:0 p.m.122 views

CVE-2010-4165

CVE-2010-4165 affects the Linux kernel prior to 2.6.37-rc2. The do_tcp_setsockopt function does not properly constrain TCP_MAXSEG (MSS) values, allowing a local user to trigger a denial of service via a setsockopt with a small value, leading to a divide-by-zero or signed-integer misuse. Evidence ...

4.9CVSS6.8AI score0.01355EPSS
CVE
CVE
added 2010/02/17 6:0 p.m.121 views

CVE-2010-0307

CVE-2010-0307 affects the Linux kernel (x86_64) prior to 2.6.32.8 where load_elf_binary in fs/binfmt_elf.c may call SET_PERSONALITY before confirming the ELF interpreter exists, enabling a local DoS via a 32-bit process launching a 64-bit one and triggering a segmentation fault (flush_old_exec re...

4.7CVSS5.5AI score0.00833EPSS
CVE
CVE
added 2010/11/30 10:0 p.m.119 views

CVE-2010-4080

CVE-2010-4080 affects the Linux kernel: snd_hdsp_hwdep_ioctl in sound/pci/rme9652/hdsp.c does not initialize a structure, enabling local attackers to leak kernel stack information via SNDRV_HDSP_IOCTL_GET_CONFIG_INFO. Affected products/versions: Linux kernel before 2.6.36-rc6. Impact is an inform...

2.1CVSS5.6AI score0.0042EPSS
CVE
CVE
added 2010/05/07 6:23 p.m.118 views

CVE-2010-1437

CVE-2010-1437 is a race condition in the Linux kernel’s keyring handling (find_keyring_by_name in security/keys/keyring.c) affecting version 2.6.34-rc5 and earlier. A local user can exploit this via keyctl session commands that access a dead keyring being deleted by key_cleanup, leading to memory...

7CVSS7.2AI score0.00658EPSS
CVE
CVE
added 2010/09/21 5:0 p.m.118 views

CVE-2010-3080

CVE-2010-3080 is a double-free vulnerability in the Linux kernel’s snd_seq_oss_open() (sound/core/seq/oss/seq_oss_init.c) affecting kernels before 2.6.36-rc4. An unsuccessful open of /dev/sequencer could trigger kernel memory corruption, leading to local denial of service and potentially other im...

7.2CVSS7.7AI score0.00416EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.116 views

CVE-2010-2803

CVE-2010-2803 affects the Linux kernel DRM subsystem. The drm_ioctl path in drivers/gpu/drm/drm_drv.c allows a local user to request a large memory allocation and may leak kernel memory contents. Affected trees/versions include 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2...

1.9CVSS6.8AI score0.00467EPSS
CVE
CVE
added 2010/09/30 2:0 p.m.116 views

CVE-2010-2943

CVE-2010-2943 affects the Linux kernel's XFS implementation up to version 2.6.34, where inode allocation B-trees are not consulted before reading inode buffers. This allows remote authenticated users to read unlinked files or read/overwrite disk blocks that were previously allocated to an unlinke...

8.1CVSS7.2AI score0.17009EPSS
CVE
CVE
added 2010/09/03 7:0 p.m.115 views

CVE-2010-2954

The CVE-2010-2954 issue affects the Linux kernel IRDA stack: irda_bind in net/irda/af_irda.c may dereference a NULL pointer when irda_open_tsap fails, causing local denial of service (kernel panic) via repeated unsuccessful binds on AF_IRDA (PF_IRDA) sockets. Affected software is the Linux kernel...

4.9CVSS7.3AI score0.00422EPSS
CVE
CVE
added 2010/12/29 5:27 p.m.115 views

CVE-2010-3874

CVE-2010-3874: Heap-based buffer overflow in the bcm_connect function of net/can/bcm.c (Broadcast Manager) in the Linux kernel CAN implementation. Affects 64-bit kernels, before 2.6.36.2, enabling local attackers to cause memory corruption and a denial of service via a connect operation. The conn...

4CVSS7AI score0.00395EPSS
CVE
CVE
added 2010/09/03 7:0 p.m.114 views

CVE-2010-2226

CVE-2010-2226 affects the Linux kernel: the xfs_swapext function in fs/xfs/xfs_dfrag.c does not properly validate file descriptors passed to the SWAPEXT ioctl, enabling a local user with write access to swap a file into another and gain read access. The issue is present in kernel versions before ...

2.1CVSS6.9AI score0.00434EPSS
CVE
CVE
added 2010/11/26 6:23 p.m.112 views

CVE-2010-2963

CVE-2010-2963 affects the Linux kernel’s Video4Linux (V4L) implementation on x86_64, where a flaw in the v4l2-compat ioctl32 code fails to validate the destination of a memory copy, enabling a local user to write arbitrary kernel memory via VIDIOCSTUNER on a /dev/video device followed by VIDIOCSM...

6.2CVSS6AI score0.00816EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.112 views

CVE-2010-4078

CVE-2010-4078 affects the Linux kernel before 2.6.36-rc6, where the sisfb_ioctl function in drivers/video/sis/sis_main.c fails to properly initialize a structure member. This allows local users to leak potentially sensitive information from kernel stack memory via the FBIOGET_VBLANK ioctl. Connec...

1.9CVSS7AI score0.0038EPSS
CVE
CVE
added 2010/11/20 9:0 p.m.112 views

CVE-2010-4169

CVE-2010-4169 is a Linux kernel use-after-free in mm/mprotect.c, vulnerable before 2.6.37-rc2. Local users can trigger a denial of service via an mprotect syscall. The MiracleLinux advisory AXSA:2011-80:02 confirms the issue among kernel fixes; remediation is to upgrade to kernel 2.6.37-rc2 or ne...

4.9CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2010/12/22 8:0 p.m.112 views

CVE-2010-4347

CVE-2010-4347 affects the Linux kernel’s ACPI subsystem. The vulnerability arises in the debugfs interface (custom_method file) which, due to world-writable 0222 permissions, lets a local user place a custom ACPI method in interpreter tables via acpi_debugfs_init in drivers/acpi/debugfs.c. This c...

6.9CVSS7.2AI score0.02203EPSS
Web
CVE
CVE
added 2010/12/10 6:0 p.m.111 views

CVE-2010-3861

CVE-2010-3861 affects the Linux kernel up to version 2.6.36. The vulnerability arises in the ethtool_get_rxnfc function in net/core/ethtool.c, which fails to initialize a certain block of heap memory. This can allow a local user to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLA...

2.1CVSS7.1AI score0.00407EPSS
CVE
CVE
added 2010/11/30 10:0 p.m.111 views

CVE-2010-4082

CVE-2010-4082 affects the Linux kernel prior to 2.6.36-rc5, where viafb_ioctl_get_viafb_info in drivers/video/via/ioctl.c fails to initialize a structure member. This can allow local users to leak potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call. The issu...

1.9CVSS5.4AI score0.0038EPSS
CVE
CVE
added 2010/02/21 10:0 p.m.110 views

CVE-2010-0410

CVE-2010-0410 affects the Linux kernel up to version 2.6.32.7, via drivers/connector/connector.c, allowing local users to cause memory exhaustion and a system crash by flooding NETLINK_CONNECTOR messages. The MiracleLinux advisories (AXSA:2010-285:05 and AXSA:2010-323:11) explicitly include CVE-2...

4.9CVSS6.1AI score0.00447EPSS
Total number of security vulnerabilities73