Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

10 matches found

CVE•added 2009/12/04 9:30 p.m.•101 views

CVE-2009-4020

Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.

7.8CVSS6.3AI score0.04846EPSS

CVE•added 2009/12/08 11:30 p.m.•93 views

CVE-2009-1298

The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, pos...

7.8CVSS6.5AI score0.02324EPSS

CVE•added 2009/12/16 7:30 p.m.•88 views

CVE-2009-4138

drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet tha...

4.7CVSS7AI score0.00081EPSS

CVE•added 2009/12/13 1:30 a.m.•87 views

CVE-2009-4308

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journ...

7.1CVSS6.9AI score0.03871EPSS

CVE•added 2009/12/13 1:30 a.m.•86 views

CVE-2009-4131

The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions.

7.2CVSS6.5AI score0.0009EPSS

CVE•added 2009/12/13 1:30 a.m.•82 views

CVE-2009-4307

The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 2.6.32-git6 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_p...

7.1CVSS6.5AI score0.03356EPSS

CVE•added 2009/12/02 4:30 p.m.•74 views

CVE-2009-4027

Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.

7.1CVSS6.3AI score0.01135EPSS

CVE•added 2009/12/02 4:30 p.m.•66 views

CVE-2009-4026

The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch."

7.8CVSS6.5AI score0.01292EPSS

CVE•added 2009/12/13 1:30 a.m.•52 views

CVE-2009-4306

Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel 2.6.32-git6 and earlier allows local users to cause a denial of service (filesystem corruption) via unknown vectors, a different vulnerability than CVE-2009-4131.

4.9CVSS6.3AI score0.0009EPSS

CVE•added 2009/12/24 4:30 p.m.•45 views

CVE-2009-4410

The fuse_ioctl_copy_user function in the ioctl handler in fs/fuse/file.c in the Linux kernel 2.6.29-rc1 through 2.6.30.y uses the wrong variable in an argument to the kunmap function, which allows local users to cause a denial of service (panic) via unknown vectors.

4.9CVSS6.9AI score0.00066EPSS