Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

8 matches found

CVE•added 2009/03/06 11:30 a.m.•95 views

CVE-2009-0834

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted...

3.6CVSS4.6AI score0.00104EPSS

CVE•added 2009/03/25 1:30 a.m.•95 views

CVE-2009-1072

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.

4.9CVSS4.4AI score0.00801EPSS

CVE•added 2009/03/12 3:20 p.m.•78 views

CVE-2009-0778

The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a router with a REJECT route, does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message, which allows rem...

7.1CVSS6.9AI score0.01648EPSS

CVE•added 2009/03/23 4:30 p.m.•77 views

CVE-2009-1046

The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which trigg...

4.7CVSS7AI score0.00256EPSS

CVE•added 2009/03/18 2:0 a.m.•71 views

CVE-2009-0935

The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper...

5.5CVSS5.1AI score0.00067EPSS

CVE•added 2009/03/06 11:30 a.m.•68 views

CVE-2009-0835

The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which ...

3.6CVSS4.3AI score0.00185EPSS

CVE•added 2009/03/09 9:30 p.m.•65 views

CVE-2009-0859

The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ip...

4.7CVSS4.1AI score0.00061EPSS

CVE•added 2009/03/25 1:30 a.m.•55 views

CVE-2009-0787

The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory.

4.9CVSS6.8AI score0.00076EPSS