Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
LinuxLinux Kernel2.6.28.1

56 matches found

CVE
CVEadded 2011/05/03 7:55 p.m.178 views

CVE-2011-1495

drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information fro...

7.2CVSS7.5AI score0.00132EPSS
CVE
CVEadded 2011/05/03 7:55 p.m.142 views

CVE-2011-1494

Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffe...

6.9CVSS7.7AI score0.00145EPSS
CVE
CVEadded 2009/04/27 6:0 p.m.121 views

CVE-2009-1439

Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.

7.8CVSS4.8AI score0.02344EPSS
CVE
CVEadded 2010/08/20 6:0 p.m.114 views

CVE-2010-3015

Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operation on the last block of a large file, followed by a sync operation.

4.7CVSS7AI score0.00149EPSS
CVE
CVEadded 2009/11/09 7:30 p.m.113 views

CVE-2009-3726

The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of a...

7.8CVSS5.9AI score0.05824EPSS
CVE
CVEadded 2009/02/22 10:30 p.m.112 views

CVE-2009-0676

The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.

2.1CVSS4.9AI score0.00169EPSS
CVE
CVEadded 2009/04/24 3:30 p.m.110 views

CVE-2009-1192

The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by re...

4.9CVSS4.4AI score0.0009EPSS
CVE
CVEadded 2009/07/31 7:0 p.m.106 views

CVE-2009-2406

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related t...

6.9CVSS5.9AI score0.00252EPSS
CVE
CVEadded 2009/06/16 11:30 p.m.105 views

CVE-2009-1389

Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.

7.8CVSS5.3AI score0.05521EPSS
CVE
CVEadded 2011/05/03 7:55 p.m.105 views

CVE-2011-1577

Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on remo...

4.9CVSS7.8AI score0.00123EPSS
CVE
CVEadded 2011/06/22 10:55 p.m.104 views

CVE-2011-1171

net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by lev...

2.1CVSS7.5AI score0.00041EPSS
CVE
CVEadded 2010/05/07 6:30 p.m.101 views

CVE-2010-1173

The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error...

7.1CVSS6.2AI score0.11434EPSS
CVE
CVEadded 2011/05/09 7:55 p.m.101 views

CVE-2011-1090

The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a denial of service (panic) via a crafted attempt to set an ACL.

4.9CVSS7AI score0.00084EPSS
CVE
CVEadded 2011/06/22 10:55 p.m.100 views

CVE-2011-1172

net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by le...

2.1CVSS7.5AI score0.00042EPSS
CVE
CVEadded 2009/08/28 3:30 p.m.97 views

CVE-2009-2695

The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the default configuration of the allow_unconfined_mma...

7.2CVSS6.8AI score0.00078EPSS
CVE
CVEadded 2009/02/22 10:30 p.m.95 views

CVE-2009-0675

The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted log...

2.1CVSS4.8AI score0.00076EPSS
CVE
CVEadded 2009/02/27 5:30 p.m.94 views

CVE-2009-0745

The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not properly initialize the group descriptor during a resize (aka resize2fs) operation, which might allow local users to cause a denial of service (OOPS) by arranging for craf...

4.9CVSS6.8AI score0.00055EPSS
CVE
CVEadded 2009/12/08 11:30 p.m.93 views

CVE-2009-1298

The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, pos...

7.8CVSS6.5AI score0.02324EPSS
CVE
CVEadded 2011/07/18 10:55 p.m.92 views

CVE-2011-0726

The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing...

2.1CVSS6.7AI score0.0011EPSS
CVE
CVEadded 2009/04/22 3:30 p.m.87 views

CVE-2009-1337

The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec syste...

4.4CVSS5.3AI score0.00298EPSS
CVE
CVEadded 2009/07/31 7:0 p.m.87 views

CVE-2009-2407

Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to ...

6.9CVSS5.9AI score0.00281EPSS
CVE
CVEadded 2009/12/16 7:30 p.m.87 views

CVE-2009-4138

drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet tha...

4.7CVSS7AI score0.00081EPSS
CVE
CVEadded 2009/12/13 1:30 a.m.86 views

CVE-2009-4131

The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions.

7.2CVSS6.5AI score0.0009EPSS
CVE
CVEadded 2009/12/13 1:30 a.m.86 views

CVE-2009-4308

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journ...

7.1CVSS6.9AI score0.03871EPSS
CVE
CVEadded 2011/06/22 10:55 p.m.84 views

CVE-2011-1170

net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by le...

2.1CVSS7.5AI score0.00041EPSS
CVE
CVEadded 2010/04/06 10:30 p.m.83 views

CVE-2010-1084

Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service (memory corruption) via a large number of Bluetooth sockets, related to the size of sysfs files in (1) net/bluetooth/l2cap.c, (2) net/bluetooth/rfcomm/core.c, (3) net/bluetooth/rfco...

7.1CVSS6.6AI score0.01393EPSS
CVE
CVEadded 2009/12/13 1:30 a.m.81 views

CVE-2009-4307

The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 2.6.32-git6 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_p...

7.1CVSS6.5AI score0.03356EPSS
CVE
CVEadded 2010/04/06 10:30 p.m.80 views

CVE-2010-1088

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.

5.4CVSS5.6AI score0.01949EPSS
CVE
CVEadded 2009/03/23 4:30 p.m.77 views

CVE-2009-1046

The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which trigg...

4.7CVSS7AI score0.00256EPSS
CVE
CVEadded 2009/11/25 4:30 p.m.76 views

CVE-2009-4021

The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.

4.9CVSS6.6AI score0.00056EPSS
CVE
CVEadded 2009/10/20 5:30 p.m.75 views

CVE-2009-2909

Integer signedness error in the ax25_setsockopt function in net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service (OOPS) via a crafted optlen value in an SO_BINDTODEVICE operation.

4.9CVSS5.5AI score0.00047EPSS
CVE
CVEadded 2009/11/02 3:30 p.m.75 views

CVE-2009-3624

The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to th...

4.6CVSS6.8AI score0.00063EPSS
CVE
CVEadded 2009/04/08 1:30 a.m.74 views

CVE-2009-1265

Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.

5CVSS4.2AI score0.02342EPSS
CVE
CVEadded 2009/12/02 4:30 p.m.73 views

CVE-2009-4027

Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.

7.1CVSS6.3AI score0.01135EPSS
CVE
CVEadded 2009/02/27 5:30 p.m.72 views

CVE-2009-0748

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate the superblock configuration, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) by attempting to mount a crafted ext4 file...

4.9CVSS6.7AI score0.00055EPSS
CVE
CVEadded 2009/08/18 9:0 p.m.72 views

CVE-2009-2849

The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability ...

4.7CVSS6.3AI score0.00081EPSS
CVE
CVEadded 2009/02/27 5:30 p.m.71 views

CVE-2009-0747

The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by at...

4.9CVSS6.8AI score0.00057EPSS
CVE
CVEadded 2009/11/20 2:30 a.m.71 views

CVE-2009-4005

The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read.

7.2CVSS6.8AI score0.00054EPSS
CVE
CVEadded 2009/10/29 2:30 p.m.69 views

CVE-2009-3640

The update_cr8_intercept function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc1 does not properly handle the absence of an Advanced Programmable Interrupt Controller (APIC), which allows local users to cause a denial of service (NULL pointer dereference and system...

4.9CVSS8.8AI score0.00061EPSS
CVE
CVEadded 2010/04/06 10:30 p.m.69 views

CVE-2010-1083

The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitiv...

4.7CVSS6.2AI score0.00067EPSS
CVE
CVEadded 2009/02/27 5:30 p.m.68 views

CVE-2009-0746

The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate a certain rec_len field, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.

4.9CVSS6.7AI score0.00166EPSS
CVE
CVEadded 2009/08/18 9:0 p.m.68 views

CVE-2009-2846

The eisa_eeprom_read function in the parisc isa-eeprom component (drivers/parisc/eisa_eeprom.c) in the Linux kernel before 2.6.31-rc6 allows local users to access restricted memory via a negative ppos argument, which bypasses a check that assumes that ppos is positive and causes an out-of-bounds re...

7.8CVSS6.3AI score0.00314EPSS
CVE
CVEadded 2009/04/22 3:30 p.m.67 views

CVE-2009-1360

The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6.29, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets.

7.1CVSS4.3AI score0.01773EPSS
CVE
CVEadded 2009/10/29 2:30 p.m.66 views

CVE-2009-3638

Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.

7.2CVSS6.9AI score0.00061EPSS
CVE
CVEadded 2009/12/02 4:30 p.m.66 views

CVE-2009-4026

The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch."

7.8CVSS6.5AI score0.01292EPSS
CVE
CVEadded 2009/10/30 8:30 p.m.63 views

CVE-2009-3722

The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted applicatio...

7.1CVSS6.9AI score0.02481EPSS
CVE
CVEadded 2013/06/08 1:5 p.m.62 views

CVE-2011-4348

Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482.

7.1CVSS5.9AI score0.01166EPSS
CVE
CVEadded 2012/06/21 11:55 p.m.61 views

CVE-2011-4324

The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem.

4.9CVSS5.5AI score0.00158EPSS
CVE
CVEadded 2009/06/04 4:30 p.m.57 views

CVE-2009-1914

The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function.

4.9CVSS4.2AI score0.00087EPSS
CVE
CVEadded 2009/03/25 1:30 a.m.55 views

CVE-2009-0787

The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory.

4.9CVSS6.8AI score0.00076EPSS
Total number of security vulnerabilities56