Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

9 matches found

CVE•added 2011/02/02 11:0 p.m.•121 views

CVE-2011-0521

The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value.

7.2CVSS6.5AI score0.00113EPSS

CVE•added 2011/02/18 8:0 p.m.•108 views

CVE-2010-4649

Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member.

6.9CVSS6.6AI score0.00069EPSS

CVE•added 2011/02/28 4:0 p.m.•108 views

CVE-2011-1020

The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek,...

4.6CVSS6AI score0.00619EPSS

CVE•added 2011/02/18 8:0 p.m.•100 views

CVE-2011-1044

The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially fil...

2.1CVSS5.4AI score0.00069EPSS

CVE•added 2011/02/18 8:0 p.m.•86 views

CVE-2011-0712

Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init ...

7.2CVSS6.9AI score0.00056EPSS

CVE•added 2011/02/28 4:0 p.m.•78 views

CVE-2011-1016

The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values.

1.9CVSS6.7AI score0.00053EPSS

CVE•added 2011/02/18 8:0 p.m.•68 views

CVE-2011-0710

The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/.

2.1CVSS7.1AI score0.00108EPSS

CVE•added 2011/02/18 8:0 p.m.•64 views

CVE-2011-0709

The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table.

7.8CVSS7.1AI score0.02318EPSS

CVE•added 2011/02/23 7:0 p.m.•59 views

CVE-2011-0999

mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not prevent creation of a transparent huge page (THP) during the existence of a temporary stack for an exec system call, which allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact v...

4.9CVSS7.3AI score0.00113EPSS