Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

9 matches found

CVE•added 2009/09/15 10:30 p.m.•97 views

CVE-2009-2903

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.

7.1CVSS6.6AI score0.03773EPSS

CVE•added 2009/09/18 10:30 a.m.•86 views

CVE-2009-3238

The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "...

7.8CVSS5.7AI score0.00241EPSS

CVE•added 2009/09/22 10:30 a.m.•86 views

CVE-2009-3286

NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_pe...

4.6CVSS6.9AI score0.00095EPSS

CVE•added 2009/09/22 10:30 a.m.•77 views

CVE-2009-3290

The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) a...

7.2CVSS7.1AI score0.00053EPSS

CVE•added 2009/09/18 10:30 a.m.•62 views

CVE-2009-1883

The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage.

4.4CVSS5.5AI score0.00077EPSS

CVE•added 2009/09/02 5:30 p.m.•46 views

CVE-2009-3043

The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonst...

4.9CVSS6.9AI score0.00128EPSS

CVE•added 2009/09/22 10:30 a.m.•46 views

CVE-2009-3288

The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD...

4.9CVSS7.1AI score0.00075EPSS

CVE•added 2009/09/21 7:30 p.m.•44 views

CVE-2009-3280

Integer signedness error in the find_ie function in net/wireless/scan.c in the cfg80211 subsystem in the Linux kernel before 2.6.31.1-rc1 allows remote attackers to cause a denial of service (soft lockup) via malformed packets.

7.8CVSS6.5AI score0.01823EPSS

CVE•added 2009/09/17 10:30 a.m.•43 views

CVE-2009-3234

Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call.

4.9CVSS7.3AI score0.01011EPSS