Linux Kernel@2.6.6 Security Vulnerabilities and Issues — Linux Kernel@2.6.6 CVE List

Lucene search

LinuxLinux Kernel2.6.6

9 matches found

CVE•added 2011/05/03 7:55 p.m.•178 views

CVE-2011-1495

drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information fro...

7.2CVSS7.5AI score0.00132EPSS

CVE•added 2011/05/03 7:55 p.m.•142 views

CVE-2011-1494

Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffe...

6.9CVSS7.7AI score0.00145EPSS

CVE•added 2011/05/03 7:55 p.m.•105 views

CVE-2011-1577

Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on remo...

4.9CVSS7.8AI score0.00123EPSS

CVE•added 2011/06/22 10:55 p.m.•104 views

CVE-2011-1171

net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by lev...

2.1CVSS7.5AI score0.00041EPSS

CVE•added 2011/05/09 7:55 p.m.•101 views

CVE-2011-1090

The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a denial of service (panic) via a crafted attempt to set an ACL.

4.9CVSS7AI score0.00084EPSS

CVE•added 2011/06/22 10:55 p.m.•100 views

CVE-2011-1172

net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by le...

2.1CVSS7.5AI score0.00042EPSS

CVE•added 2011/07/18 10:55 p.m.•92 views

CVE-2011-0726

The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing...

2.1CVSS6.7AI score0.0011EPSS

CVE•added 2011/06/22 10:55 p.m.•84 views

CVE-2011-1170

net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by le...

2.1CVSS7.5AI score0.00041EPSS

CVE•added 2011/01/14 11:0 p.m.•81 views

CVE-2010-3086

include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not properly implement exception fixup, which allows local users to cause a denial of service (panic) via an invalid application that triggers a page fault.

4.9CVSS5AI score0.00064EPSS