Lucene search
K
LinuxLinux Kernel2.6.38.8

19 matches found

CVE
CVE
added 2012/06/21 11:0 p.m.135 views

CVE-2011-1160

Technical details for CVE-2011-1160 are not publicly available in the supplied connected documents. The initial description identifies a kernel memory info leak in tpm_open (Linux kernel

2.1CVSS6.2AI score0.00478EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.132 views

CVE-2011-1080

CVE-2011-1080 affects the Linux kernel prior to 2.6.39 via the do_replace path in net/bridge/netfilter/ebtables.c. The issue: a name field may not end with a null terminator, enabling a local user with CAP_NET_ADMIN to replace a bridge table and read potentially sensitive data from kernel stack m...

2.1CVSS6.6AI score0.00353EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.126 views

CVE-2011-1079

The CVE-2011-1079 issue affects the Linux kernel up to version 2.6.38 (before 2.6.39) in the bnep_sock_ioctl path (net/bluetooth/bnep/sock.c). A local attacker could exploit inadequate termination of a device field (missing trailing NUL) via a BNEPCONNADD command to read kernel stack memory and p...

5.4CVSS6.5AI score0.00668EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.124 views

CVE-2011-1078

CVE-2011-1078 affects the Linux kernel prior to 2.6.39. The vulnerable code is sco_sock_getsockopt_old in net/bluetooth/sco.c, where a structure used with the SCO_CONNINFO option is not initialized, enabling a local attacker to read potentially sensitive data from kernel stack memory. Exploitatio...

1.9CVSS7.6AI score0.00365EPSS
CVE
CVE
added 2011/06/22 10:0 p.m.123 views

CVE-2011-1171

CVE-2011-1171 affects the Linux kernel prior to 2.6.39, specifically the IPv4 netfilter ip_tables.c path. The issue is that string data in certain structure members may not end with the expected null terminator, enabling a local attacker with CAP_NET_ADMIN to craft a request and read the argument...

2.1CVSS7.5AI score0.0041EPSS
CVE
CVE
added 2012/06/13 10:0 a.m.123 views

CVE-2011-2496

CVE-2011-2496 affects the Linux kernel prior to 2.6.39. An integer overflow in vma_to_resize (mm/mremap.c) lets local users trigger a BUG_ON and system crash via a crafted mremap call that expands a memory mapping. Mitigation: upgrade to kernel 2.6.39 or later where the issue is fixed. The connec...

4.9CVSS6.3AI score0.00487EPSS
CVE
CVE
added 2011/06/22 10:0 p.m.122 views

CVE-2011-1172

The CVE-2011-1172 issue affects the Linux kernel IPv6 stack (net/ipv6/netfilter/ip6_tables.c): root cause is failure to append a null terminator to certain string values, enabling local memory information disclosure via a crafted request (CAP_NET_ADMIN) and reading the modprobe argument. Impact i...

2.1CVSS7.5AI score0.00404EPSS
CVE
CVE
added 2011/07/18 10:0 p.m.116 views

CVE-2011-0726

The CVE-2011-0726 entry is supported by connected advisories describing a Linux kernel vulnerability in do_task_stat (fs/proc/array.c) present in kernels before 2.6.39-rc1. The flaw allows local users to defeat ASLR by reading start_code/end_code from /proc/[pid]/stat for PIE processes, implying ...

2.1CVSS6.7AI score0.00342EPSS
Web
CVE
CVE
added 2011/06/22 10:0 p.m.102 views

CVE-2011-1170

CVE-2011-1170 affects the Linux kernel prior to 2.6.39 where net/ipv4/netfilter/arp_tables.c does not place the expected null terminator at the end of certain string values. This can allow a local user with CAP_NET_ADMIN to craft a request and read the argument to the modprobe process, potentiall...

2.1CVSS7.5AI score0.0041EPSS
CVE
CVE
added 2012/06/13 10:0 a.m.95 views

CVE-2011-1927

The CVE-2011-1927 entry concerns the Linux kernel: the ip_expire function in net/ipv4/ip_fragment.c before 2.6.39 fails to properly construct ICMP_TIME_EXCEEDED after a timeout, allowing remote attackers to trigger a NULL pointer dereference and crash parts of the kernel via crafted fragmented pa...

5CVSS5.6AI score0.02591EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.93 views

CVE-2011-1493

CVE-2011-1493 affects the Linux kernel (before 2.6.39). The vulnerable code is in rose_parse_national (net/rose/rose_subr.c), where an array index error can be triggered by a FAC_NATIONAL_DIGIS entry that specifies many digipeaters. This can cause heap memory corruption and a remote denial of ser...

7.5CVSS8.5AI score0.03358EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.86 views

CVE-2011-1479

CVE-2011-1479 : A double-free in the Linux kernel’s inotify subsystem (kernel versions before 2.6.39) allows local users to crash the system via paths involving failed file creation. The issue stems from an incorrect fix related to CVE-2010-4250. Affected product: Linux kernel; vulnerability type...

4.7CVSS6.3AI score0.00803EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.83 views

CVE-2011-4913

CVE-2011-4913 affects the Linux kernel before 2.6.39. The rose_parse_ccitt function in net/rose/rose_subr.c does not validate FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, allowing remote attackers to cause a denial of service (integer underflow, heap memory corruption, panic) with a small l...

7.8CVSS8.1AI score0.04177EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.82 views

CVE-2011-1476

CVE-2011-1476 is an integer underflow in the Linux kernel OSS subsystem (specifically the MIDI/OSS sequencer driver) before 2.6.39 on unspecified non-x86 platforms. It allows local users to cause a denial of service via memory corruption by crafting writes to /dev/sequencer. Publicly documented f...

4CVSS7.5AI score0.00425EPSS
CVE
CVE
added 2012/06/13 10:0 a.m.82 views

CVE-2011-1759

CVE-2011-1759 affects the Linux kernel on ARM with OABI compatibility enabled. The flaw is an integer overflow in sys_oabi_semtimedop (arch/arm/kernel/sys_oabi-compat.c) prior to release 2.6.39, allowing local users to gain privileges or trigger a denial of service via heap memory corruption due ...

6.2CVSS6.6AI score0.00437EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.81 views

CVE-2011-1477

CVE-2011-1477 affects the Linux kernel (sound/oss/opl3.c) through multiple array index errors before 2.6.39. These flaws allow local users to cause a denial of service via heap memory corruption and, potentially, gain privileges by writing to /dev/sequencer. The issue is tied to Yamaha YM3812/OPL...

7.2CVSS8.1AI score0.00409EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.81 views

CVE-2011-4914

The CVE-2011-4914 issue affects the Linux kernel ROSE protocol implementation prior to 2.6.39. It arises because data-length values are not verified against the actual data sent, enabling remote attackers to read kernel memory (out-of-bounds read) or cause a denial of service via crafted data to ...

6.4CVSS5.8AI score0.08793EPSS
CVE
CVE
added 2012/06/13 10:0 a.m.65 views

CVE-2011-2493

The CVE-2011-2493 entry affects the Linux kernel, specifically the ext4_fill_super function in fs/ext4/super.c, with vulnerability present in versions prior to 2.6.39. The issue arises from improper initialization of an error-report data structure, enabling local users to cause a denial of servic...

2.1CVSS7.3AI score0.00466EPSS
CVE
CVE
added 2017/04/24 6:12 a.m.63 views

CVE-2010-5329

The CVE-2010-5329 issue affects Linux kernels (video_usercopy in drivers/media/video/v4l2-ioctl.c) before 2.6.39. The flaw is that it relies on the count value of a v4l2_ext_controls data structure to determine a kmalloc size, which could allow local users to trigger memory exhaustion (DoS). The ...

5.5CVSS5.1AI score0.00372EPSS