60 matches found
CVE-2010-3873
CVE-2010-3873 affects the Linux kernel X.25 implementation prior to 2.6.36.2. The vulnerability arises from improper parsing of facilities, allowing a remote attacker to trigger heap memory corruption and a kernel panic (partial availability) via malformed X25_FAC_CALLING_AE or X25_FAC_CALLED_AE ...
CVE-2011-1093
CVE-2011-1093 affects the Linux kernel’s Datagram Congestion Control Protocol (DCCP). The vulnerable code path is dccp_rcv_state_process in net/dccp/input.c, which mishandles packets for a CLOSED endpoint. An attacker can trigger a NULL pointer dereference and OOPS by sending a DCCP-Close packet ...
CVE-2010-4243
CVE-2010-4243 affects the Linux kernel up to version 2.6.37. The issue is in fs/exec.c where the OOM Killer does not assess stack memory usage of the arrays representing (1) arguments and (2) environment during an exec, enabling a local user to cause memory exhaustion (denial of service) via a cr...
CVE-2010-3876
CVE-2010-3876 affects the Linux kernel: the code path net/packet/af_packet.c in kernel versions before 2.6.37-rc2 does not properly initialize certain structure members, allowing local users with CAP_NET_RAW to read copies of the applicable structures from kernel stack memory. Publicly document d...
CVE-2011-0521
The CVE-2011-0521 issue affects the Linux kernel’s dvb_ca_ioctl in drivers/media/dvb/ttpci/av7110_ca.c, where the sign of a certain integer field is not checked in versions before 2.6.38-rc2. This allows local users to cause a denial of service via memory corruption and potentially other unspecif...
CVE-2011-0711
CVE-2011-0711 affects the Linux kernel through the xfs_fs_geometry function in fs/xfs/xfs_fsops.c. The vulnerability arises because a structure member is not initialized, enabling local attackers to read potentially sensitive data from kernel stack memory via the FSGEOMETRY_V1 ioctl. The affected...
CVE-2011-1020
CVE-2011-1020 affects the Linux kernel (2.6.37 and earlier) where the proc filesystem does not restrict access to /proc after a process execs a setuid program. This can let local attackers obtain sensitive information or cause a denial of service by performing open, lseek, read, or write operatio...
CVE-2011-1745
The CVE-2011-1745 entry affects the Linux kernel: an integer overflow in the agp_generic_insert_memory function (drivers/char/agp/generic.c) in kernels before 2.6.38.5. This allows local users to gain privileges or cause a denial of service via a crafted AGPIOC_BIND agp_ioctl call. Affected platf...
CVE-2011-1746
The CVE affects the Linux kernel prior to 2.6.38.5, specifically the AGP subsystem in drivers/char/agp/generic.c. It is caused by multiple integer overflows in the functions agp_allocate_memory and agp_create_user_memory, allowing local users to trigger buffer overflows and potentially crash the ...
CVE-2010-4655
CVE-2010-4655 affects the Linux kernel’s net/core/ethtool.c, where uninitialized data structures in ethtool ioctl handling could allow a local user with CAP_NET_ADMIN to leak information from kernel heap memory. The initial description specifies the vulnerability exists in kernel builds before 2....
CVE-2011-1776
The CVE-2011-1776 issue affects the Linux kernel’s is_gpt_valid function (fs/partitions/efi.c). It does not validate the size of a GPT entry, allowing physically proximate attackers to trigger a heap-based buffer overflow and OOPS or potentially read kernel heap memory when a crafted GPT storage ...
CVE-2011-2022
The CVE-2011-2022 issue affects the Linux kernel (drivers/char/agp/generic.c) prior to 2.6.38.5. The vulnerability is due to failure to validate a start parameter in the agp_generic_remove_memory function, enabling local users to gain privileges or cause a denial of service (system crash) via a c...
CVE-2010-4163
The CVE-2010-4163 issue affects the Linux kernel, where blk_rq_map_user_iov in block/blk-map.c is vulnerable before version 2.6.36.2. A local attacker can trigger a denial of service (kernel panic) by submitting a zero-length I/O request via a device ioctl to a SCSI device. The description explic...
CVE-2011-1010
Concretely, CVE-2011-1010 is reported in MiracleLinux advisory AXSA:2011-282:05 as affecting kernel-2.6.18-238.2.AXS3. It describes a buffer overflow in the mac_partition function (fs/partitions/mac.c) of the Linux kernel, prior to version 2.6.37.2, which can allow a local user to cause a denial ...
CVE-2010-3875
CVE-2010-3875 affects the Linux kernel, specifically the ax25_getname function in net/ax25/af_ax25.c. The root cause is that a structure is not initialized, enabling local users to read a copy of kernel stack memory and potentially obtain sensitive information. The issue is tied to kernels prior ...
CVE-2011-1013
CVE-2011-1013 is an integer signedness error in the drm_modeset_ctl ioctl handling that affects the Linux kernel prior to 2.6.38 and OpenBSD prior to 4.9, allowing local users to trigger out-of-bounds writes and potentially crash the system or cause other impact via a crafted vb_num in an ioctl. ...
CVE-2010-3877
The CVE-2010-3877 issue affects the Linux kernel (as cited in MiracleLinux AXSA:2011-143:02 and related advisories) where get_name in net/tipc/socket.c does not initialize a structure, enabling local attackers to read uninitialized kernel stack memory and leak information. Impact is a local infor...
CVE-2010-4649
The CVE-2010-4649 issue affects the Linux kernel up to 2.6.37, where an Integer overflow in ib_uverbs_poll_cq (drivers/infiniband/core/uverbs_cmd.c) allows a local user to cause memory corruption and a possible DoS or other unspecified impact when a structure member is large. The vulnerability re...
CVE-2010-4164
CVE-2010-4164 affects the Linux kernel prior to 2.6.36.2, where multiple integer underflows occur in the x25_parse_facilities function (net/x25/x25_facilities.c). This can allow a remote attacker to cause a denial of service (system crash) via malformed X.25 facility data (X25_FAC_CLASS_A/B/C/D)....
CVE-2010-4668
CVE-2010-4668 affects the Linux kernel up to 2.6.37-rc7, where blk_rq_map_user_iov in block/blk-map.c allows a local user to trigger a panic/DoS via a zero-length I/O request to a SCSI device, due to an unaligned map. The vulnerability is tied to an incomplete fix for CVE-2010-4163. Affected vers...
CVE-2010-4251
CVE-2010-4251 affects the Linux kernel up to version 2.6.34. The vulnerability lies in the socket backlog handling in net/core/sock.c, which allows remote attackers to cause memory exhaustion DoS by sending大量 network traffic (e.g., UDP via netperf). The issue is addressed by the 2.6.34 changelog ...
CVE-2011-1017
CVE-2011-1017 relates to a heap-based buffer overflow in the Linux kernel’s LDM code path. Affected component: fs/partitions/ldm.c (ldm_frag_add) in kernel 2.6.37.2 and earlier. Root cause cited in connected docs: bugs in evaluating LDM partitions could crash the kernel for certain corrupted LDM ...
CVE-2011-1044
CVE-2011-1044 affects the Linux kernel (pre-2.6.37) and is caused by ib_uverbs_poll_cq in drivers/infiniband/core/uverbs_cmd.c not initializing a certain response buffer. This allows local attackers to read potentially sensitive data from kernel memory via vectors that fill the buffer only partia...
CVE-2011-1082
CVE-2011-1082 affects the Linux kernel prior to 2.6.38. The flaw is in fs/eventpoll.c where epoll file descriptors may be placed inside other epoll data structures without proper validation of closed loops or deep chains. This can let a local user cause a denial of service (deadlock or stack memo...
CVE-2011-1076
CVE-2011-1076 affects the Linux kernel up to 2.6.37 in dns_key.c; remote DNS servers sending invalid responses can trigger a NULL pointer dereference/OOPS, leading to a denial of service. Reports from SUSE/Red Hat/NVD corroborate. Remediation: upgrade to kernel 2.6.38 or newer (vendor patches). E...
CVE-2011-2213
The CVE-2011-2213 issue concerns the Linux kernel vulnerability in inet_diag_bc_audit (net/ipv4/inet_diag.c) present before 2.6.39.3. Affected component audits INET_DIAG bytecode and, when processing crafted INET_DIAG_REQ_BYTECODE messages (e.g., an INET_DIAG_BC_JMP with a zero yes value), allows...
CVE-2011-2492
CVE-2011-2492 affects the Linux kernel Bluetooth subsystem prior to 3.0-rc4, where certain data structures are not properly initialized. The flaw is exploited via a crafted getsockopt system call in the l2cap_sock_getsockopt_old and rfcomm_sock_getsockopt_old paths, enabling local users to obtain...
CVE-2011-1593
CVE-2011-1593 affects the Linux kernel before 2.6.38.4, where multiple integer overflows in the next_pidmap function (kernel/pid.c) allow a local user to crash the system via crafted getdents or readdir calls. The connected advisories confirm the affected component and the root cause (integer ove...
CVE-2010-4160
The CVE-2010-4160 issue is present in the Linux kernel before 2.6.36.2, involving multiple integer overflows in the PPPoL2TP and IPoL2TP sendmsg paths (pppol2tp_sendmsg and l2tp_ip_sendmsg). The vulnerability can allow local users to trigger a denial of service through heap memory corruption and ...
CVE-2010-4656
CVE-2010-4656 affects the Linux kernel’s USB iowarrior driver (drivers/usb/misc/iowarrior.c). The root cause is improper buffer/memory allocation in iowarrior_write, enabling a heap-based buffer overflow via a long report from a malicious device. This aligns with openSUSE/SUSE advisories noting a...
CVE-2011-0712
Technical details about CVE-2011-0712 are not publicly provided in the supplied documents. Monitor for updates in connected advisories; no confirmed affected products, versions, or fixes are stated here.
CVE-2011-1770
CVE-2011-1770 affects the Linux kernel up to version 2.6.33.14, where an integer underflow in dccp_parse_options (net/dccp/options.c) can be triggered by a DCCP packet with an invalid feature options length, causing a buffer over-read and remote denial of service. The vulnerability is exploitable...
CVE-2010-4527
The CVE-2010-4527 entry concerns the Linux kernel OSS sound driver (load_mixer_volumes in sound/oss/soundcard.c). It arises because a name field is not guaranteed to end with a NUL, enabling a local user to trigger a buffer overflow via SOUND_MIXER_SETLEVELS, with potential to escalate privileges...
CVE-2011-1163
Vulnerability: CVE-2011-1163 affects the Linux kernel (fs/partitions/osf.c) where osf_partition mishandles an invalid number of partitions, potentially allowing local attackers to read kernel heap memory via partition-table parsing vectors. Affected: Linux kernel versions prior to 2.6.38. Root ca...
CVE-2011-1478
CVE-2011-1478 affects the Linux kernel’s GRO napi_reuse_skb path: it does not reset certain structure members in net/core/dev.c, enabling a remote attacker to trigger a NULL pointer dereference via a malformed VLAN frame and cause a denial of service. The vulnerability is present in kernels befor...
CVE-2011-2723
CVE-2011-2723 affects the Linux kernel prior to 2.6.39.4 where the skb_gro_header_slow handling under GRO can reset fields incorrectly, enabling remote attackers to cause a denial of service (system crash) via crafted network traffic. Connected advisories confirm this CVE is referenced alongside ...
CVE-2010-4263
The CVE-2010-4263 issue involves the Intel igb driver (drivers/net/igb/igb_main.c) in the Linux kernel and its handling of VLAN-tagged frames when SR-IOV and promiscuous mode are enabled but no VLANs are registered. In kernels before 2.6.34, processing such frames could trigger a NULL pointer der...
CVE-2010-4162
CVE-2010-4162: Linux kernel before 2.6.36.2 contains multiple integer overflows in fs/bio.c that allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device. MiracleLinux AXSA:2011-57 lists CVE-2010-4162 among affected kernel issues and references a f...
CVE-2011-2689
The vulnerability CVE-2011-2689 affects the Linux kernel’s gfs2_fallocate path (fs/gfs2/file.c). It occurs in versions before 3.0-rc1, where the size of a chunk allocation may not be a multiple of the filesystem block size. This can allow a local user to trigger a denial of service and system cra...
CVE-2011-2497
CVE-2011-2497 is a Linux kernel Bluetooth L2CAP underflow/overflow issue. The vulnerability arises from an integer underflow in l2cap_config_req in net/bluetooth/l2cap_core.c, enabling remote attackers to trigger a heap memory corruption or buffer overflow via a small command-size value in an L2C...
CVE-2011-1598
CVE-2011-1598 affects the Linux kernel’s CAN subsystem: the bcm_release function in net/can/bcm.c does not validate a socket data structure, enabling a local user to trigger a NULL pointer dereference and cause a denial of service. The affected version range is kernel 2.6.39-rc6 and earlier. Reso...
CVE-2011-1771
CVE-2011-1771 affects the Linux kernel up to version 2.6.38, specifically the cifs_close function in fs/cifs/file.c. If a local user opens a CIFS file with the O_DIRECT flag, it can trigger a NULL pointer dereference (and BUG), causing a denial of service or unspecified impact. Mitigation: upgrad...
CVE-2011-1016
CVE-2011-1016 concerns the Linux kernel Radeon GPU drivers and their DRM subsystem. The affected component is the Radeon GPU driver (radeon/kms) in kernels before 2.6.38-rc5, where data related to the AA resolve registers was not properly validated. This could allow a local user to write to arbit...
CVE-2010-4529
CVE-2010-4529 refers to an integer underflow in the irda_getsockopt function (net/irda/af_irda.c) of the Linux kernel prior to 2.6.37 on non-x86 platforms. This underflow could allow a local attacker to obtain potentially sensitive information from kernel heap memory via an IRLMP_ENUMDEVICES gets...
CVE-2011-1748
CVE-2011-1748 affects the Linux kernel: the raw_release function in net/can/raw.c fails to validate a socket data structure, enabling local users to trigger a NULL pointer dereference (denial of service) or possibly other impact via a crafted release operation. Affected versions are the kernel be...
CVE-2011-0710
CVE-2011-0710 affects the Linux kernel on the s390 platform. The function task_show_regs in arch/s390/kernel/traps.c permits a local user to read the registers of an arbitrary process by reading a status file under /proc, for kernels before 2.6.38-rc4-next-20110216. The connected MiracleLinux adv...
CVE-2011-1173
CVE-2011-1173 affects the Linux kernel on x86_64 prior to 2.6.39. The vulnerability is in the econet_sendmsg function (net/econet/af_econet.c) and allows a remote attacker to read uninitialized data from kernel stack memory via an Acorn Universal Networking (AUN) packet, enabling information disc...
CVE-2011-1012
CVE-2011-1012 affects the Linux kernel, in particular the LDM partition handling. The flaw lies in ldm_parse_vmdb in fs/partitions/ldm.c, which does not validate the VBLK size in the VMDB structure of an LDM partition table. A crafted partition table can trigger a divide-by-zero and cause a kerne...
CVE-2010-3448
CVE-2010-3448 affects the Linux kernel’s ThinkPad ThinkPad ACPI driver (drivers/platform/x86/thinkpad_acpi.c) on ThinkPad systems using X.Org prior to 2.6.34. The issue allows a local attacker to access and manipulate the video output control state without proper restriction, enabling a denial of...
CVE-2010-4805
CVE-2010-4805 affects the Linux kernel socket backlog handling in net/core/sock.c prior to 2.6.35, allowing remote DoS via large traffic (backlog management related to sk_add_backlog and sk_rmem_alloc). The entry notes this vulnerability exists due to an incomplete fix for CVE-2010-4251. The conn...