Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

7 matches found

CVE•added 2011/07/18 10:55 p.m.•183 views

CVE-2011-1093

The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference an...

7.8CVSS6.8AI score0.01222EPSS

CVE•added 2011/07/18 7:55 p.m.•104 views

CVE-2010-4655

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool ioctl call.

5.5CVSS5.5AI score0.00053EPSS

CVE•added 2011/07/28 10:55 p.m.•97 views

CVE-2011-2492

The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net...

1.9CVSS5.9AI score0.00055EPSS

CVE•added 2011/07/18 7:55 p.m.•95 views

CVE-2010-4656

The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report.

7.8CVSS7.1AI score0.00048EPSS

CVE•added 2011/07/18 10:55 p.m.•92 views

CVE-2011-0726

The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing...

2.1CVSS6.7AI score0.0011EPSS

CVE•added 2011/07/28 10:55 p.m.•80 views

CVE-2011-2689

The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little ...

4.9CVSS6AI score0.00096EPSS

CVE•added 2011/07/28 10:55 p.m.•55 views

CVE-2011-2695

Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsig...

4.9CVSS6.7AI score0.00067EPSS