Lucene search
K

124 matches found

CVE
CVE
added 2010/12/06 8:0 p.m.637 views

CVE-2010-3904

CVE-2010-3904 is a Linux kernel flaw in the RDS implementation where rds_page_copy_user does not validate user-space addresses, enabling local privilege escalation via crafted sendmsg/recvmsg calls. Affected: Linux kernels prior to 2.6.36; fixed in later kernel releases (e.g., Red Hat/CentOS advi...

7.8CVSS6.4AI score0.11217EPSS
In wild
CVE
CVE
added 2010/11/26 7:0 p.m.212 views

CVE-2010-3705

The vulnerability CVE-2010-3705 affects the Linux kernel SCTP code: sctp_auth_asoc_get_hmac in net/sctp/auth.c does not validate the hmac_ids array from a remote peer, enabling remote attackers to trigger memory corruption and a kernel panic. Affected versions are Linux kernel before 2.6.36; reme...

8.3CVSS5.8AI score0.02024EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.203 views

CVE-2010-4249

CVE-2010-4249 affects the Linux kernel before 2.6.37-rc3-next-20101125: the wait_for_unix_gc routine in net/unix/garbage.c does not properly select times for garbage-collecting inflight sockets, enabling local users to cause a denial of service (system hang) by crafting socketpair and sendmsg cal...

4.9CVSS6.8AI score0.00896EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.200 views

CVE-2010-4258

The CVE-2010-4258 issue affects the Linux kernel versions prior to 2.6.36.2. The do_exit function in kernel/exit.c mishandles a KERNEL_DS get_fs value, bypassing access_ok checks and enabling local privilege escalation by overwriting arbitrary kernel memory. Exploitation vectors include use of th...

6.2CVSS6AI score0.02655EPSS
CVE
CVE
added 2010/09/07 4:30 p.m.184 views

CVE-2010-2521

CVE-2010-2521 affects the Linux kernel NFS server (fs/nfsd/nfs4xdr.c) prior to 2.6.34-rc6. The issue is due to multiple buffer overflows in the XDR implementation, exploitable via a crafted NFSv4 WRITE request, impacting the read_buf and nfsd4_decode_compound paths. Consequences include denial of...

10CVSS7AI score0.08984EPSS
CVE
CVE
added 2010/09/24 7:0 p.m.156 views

CVE-2010-3081

CVE-2010-3081 describes a local privilege-escalation in the Linux kernel’s 64-bit compat layer due to missing sanity checks in compat_alloc_user_space, enabling a local user to abuse compat_mc_getsockopt controlling a length value. Affected: kernel 2.6.x before 2.6.36-rc4-git2 on 64-bit platforms...

7.8CVSS7.4AI score0.03533EPSS
CVE
CVE
added 2010/09/22 6:0 p.m.155 views

CVE-2010-3301

Summary: CVE-2010-3301 affects the Linux kernel IA32 system call emulation on x86_64 where the 32‑bit entry path to ptrace does not zero‑extend %eax, enabling local privilege escalation via an out‑of‑bounds access to the syscall table. Impact: local users can gain privileges. Affected versions: k...

7.2CVSS7.5AI score0.03818EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.148 views

CVE-2010-4158

The CVE-2010-4158 issue affects the Linux kernel (pre-2.6.36.2) where sk_run_filter in net/core/filter.c may execute BPF_S_LD_MEM or BPF_S_LDX_MEM before a memory location is initialized. This can allow local users to read potentially sensitive kernel stack memory via a crafted socket filter. The...

2.1CVSS5.6AI score0.00868EPSS
CVE
CVE
added 2010/12/23 5:0 p.m.147 views

CVE-2010-3881

The CVE-2010-3881 issue affects the Linux kernel arch/x86/kvm/x86.c, where several structure members are not initialized in versions prior to 2.6.36.2. This can allow local users to read potentially sensitive data from kernel stack memory via /dev/kvm. The documented fix is in kernel 2.6.36.2 (an...

2.1CVSS5.8AI score0.0048EPSS
CVE
CVE
added 2010/01/12 5:0 p.m.144 views

CVE-2009-4538

CVE-2009-4538 affects the Linux kernel e1000e driver (netdev.c) up to and including version 2.6.32.3. The issue is an improper check of the Ethernet frame size when frames exceed the MTU, allowing a remote attacker to influence the system via crafted packets. The impact is described as unspecifie...

10CVSS6.8AI score0.0838EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.144 views

CVE-2010-4073

CVE-2010-4073 affects the Linux kernel IPC compatibility code: before 2.6.37-rc1, several compat syscall handlers (ipc/compat.c and ipc/compat_mq.c) fail to initialize certain structures, enabling local attackers to read potentially sensitive kernel stack memory via vectors in compat_sys_semctl, ...

1.9CVSS5.7AI score0.01542EPSS
CVE
CVE
added 2010/11/30 9:19 p.m.142 views

CVE-2010-3858

CVE-2010-3858 is a Linux kernel vulnerability described in MiracleLinux advisories as affecting fs/exec.c with CONFIG_STACK_GROWSDOWN. On 64-bit platforms, for 32-bit applications, the setup_arg_pages function does not properly constrain stack usage of arguments and environment, enabling local us...

4.9CVSS6.3AI score0.00913EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.139 views

CVE-2010-2798

The CVE-2010-2798 entry concerns the Linux kernel prior to 2.6.35, where gfs2_dirent_find_space uses an incorrect size value in calculations related to sentinel directory entries. This can allow local attackers to trigger a denial of service via a NULL pointer dereference and kernel panic, with a...

7.8CVSS7.3AI score0.00414EPSS
CVE
CVE
added 2010/11/20 9:0 p.m.139 views

CVE-2010-3432

CVE-2010-3432 affects the Linux kernel SCTP stack: sctp_packet_config in net/sctp/output.c initializes packet data structures too aggressively in kernels before 2.6.35.6, enabling remote attackers to trigger a denial of service (panic) via a specific SCTP traffic sequence. Affected component: ker...

7.8CVSS5.7AI score0.05542EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.136 views

CVE-2010-3850

CVE-2010-3850: In the Linux kernel, the ec_dev_ioctl function in net/econet/af_econet.c did not require CAP_NET_ADMIN, allowing local users to bypass access restrictions and configure econet addresses via an SIOCSIFADDR ioctl. Documented impact is local privilege/unauthorized configuration; fix a...

2.1CVSS5.8AI score0.00801EPSS
CVE
CVE
added 2010/11/30 10:0 p.m.135 views

CVE-2010-4081

CVE-2010-4081 affects the Linux kernel (sound/pci/rme9652/hdspm.c: snd_hdspm_hwdep_ioctl). The root cause is failure to initialize a structure, enabling local users to read potentially sensitive kernel stack memory via SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO. Affected: kernel versions prior to 2.6.36-r...

1.9CVSS5.5AI score0.00393EPSS
CVE
CVE
added 2010/01/12 5:0 p.m.134 views

CVE-2009-4537

CVE-2009-4537 concerns the Linux kernel before 2.6.32.3, specifically the r8169 Ethernet driver (drivers/net/r8169.c). The vulnerability arises from not properly checking the size of frames that exceed the MTU, allowing remote attackers to cause a denial of service via crafted packets that exploi...

7.8CVSS6.1AI score0.05889EPSS
CVE
CVE
added 2010/09/07 4:30 p.m.134 views

CVE-2010-2248

CVE-2010-2248 affects the Linux kernel CIFS/SMB implementation. The issue is triggered by a remote SMB response containing an invalid CountHigh value, leading to a denial of service (kernel panic) via the CIFSSMBWrite and CIFSSMBWrite2 paths (OS/2 server responses). Affected: Linux kernel prior t...

7.8CVSS7AI score0.04033EPSS
CVE
CVE
added 2010/08/20 5:0 p.m.133 views

CVE-2010-3015

CVE-2010-3015 exists in the Linux kernel before 2.6.34: an integer overflow in ext4_ext_get_blocks() within fs/ext4/extents.c allows local users to trigger a denial of service (BUG and system crash) by performing a write to the last block of a large file, followed by a sync. Affected component: L...

4.7CVSS7AI score0.00376EPSS
CVE
CVE
added 2010/09/21 5:0 p.m.133 views

CVE-2010-3067

CVE-2010-3067 affects the Linux kernel: an integer overflow in do_io_submit (fs/aio.c) in versions before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly other impact via crafted io_submit usage. The vulnerability is rooted in improper handling within the io_s...

4.9CVSS6.8AI score0.00428EPSS
CVE
CVE
added 2010/02/17 6:0 p.m.132 views

CVE-2010-0415

The CVE-2010-0415 issue affects the Linux kernel before 2.6.33-rc7. The do_pages_move function in mm/migrate.c does not validate node values, allowing local users to read arbitrary kernel memory locations and cause an OOPS, with possible other impacts by specifying a node outside the kernel’s nod...

4.6CVSS7AI score0.01819EPSS
CVE
CVE
added 2010/03/31 5:35 p.m.131 views

CVE-2010-1188

CVE-2010-1188 details (mode C): A use-after-free in net/ipv4/tcp_input.c of the Linux kernel 2.6 prior to 2.6.20. When IPV6_RECVPKTINFO is set on a listening TCP socket, a SYN packet to a LISTEN socket can trigger the skb being freed improperly, allowing a remote attacker to cause a denial of ser...

7.1CVSS5.3AI score0.03307EPSS
Web
CVE
CVE
added 2010/05/07 6:23 p.m.130 views

CVE-2010-1173

CVE-2010-1173 affects Linux kernel SCTP: sctp_process_unk_param in net/sctp/sm_make_chunk.c (kernel 2.6.33.3 and earlier) enables remote attackers to crash the system via SCTPChunkInit with many invalid parameters (high error data). Connected advisories (e.g., MiracleLinux AXSA-2010-377:12 and re...

7.1CVSS6.2AI score0.21312EPSS
In wild
CVE
CVE
added 2010/11/29 3:0 p.m.130 views

CVE-2010-4075

The CVE-2010-4075 entry affects the Linux kernel module code: uart_get_count (drivers/serial/serial_core.c) in versions prior to 2.6.37-rc1. The vulnerability arises from not properly initializing a certain structure member, enabling local users to read potentially sensitive information from kern...

1.9CVSS5.5AI score0.00387EPSS
CVE
CVE
added 2010/11/26 6:23 p.m.129 views

CVE-2010-2962

The CVE-2010-2962 issue affects the Intel i915 DRM GEM in the Linux kernel prior to 2.6.36. It arises from insufficient validation of pointers to memory blocks in i915_gem.c, enabling local users to write to kernel memory via crafted ioctl usage (pwrite/pread) and potentially gain privileges.

7.2CVSS6.2AI score0.00483EPSS
CVE
CVE
added 2010/12/29 5:27 p.m.129 views

CVE-2010-3859

CVE-2010-3859 stems from multiple signedness errors in the Linux kernel’s TIPC implementation, allowing local privilege escalation via a crafted sendmsg that triggers a heap-based buffer overflow in tipc_msg_build and related iovec handling (verify_iovec). Public sources confirm affected historic...

6.9CVSS7.5AI score0.00397EPSS
CVE
CVE
added 2010/09/30 2:0 p.m.128 views

CVE-2010-3296

CVE-2010-3296 affects the Linux kernel driver cxgb3 (cxgb_extension_ioctl in drivers/net/cxgb3/cxgb3_main.c). The advisory states that the code path in kernels up to 2.6.36-rc5 does not properly initialize a structure member, allowing a local user to potentially read sensitive data from kernel st...

2.1CVSS5.5AI score0.00432EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.128 views

CVE-2010-3442

Technical details for CVE-2010-3442 are not publicly provided in the connected documents. The sources reference the CVE and affected kernel versions but do not describe exploitability, impact specifics, or fixes. Monitor for vendor advisories and updates.

4.7CVSS6.5AI score0.00395EPSS
CVE
CVE
added 2010/12/10 6:0 p.m.128 views

CVE-2010-3880

CVE-2010-3880 affects the Linux kernel (net/ipv4/inet_diag.c) prior to 2.6.37-rc2. The issue is improper auditing of INET_DIAG bytecode, enabling a local user to trigger a kernel infinite loop and cause a denial of service via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message conta...

4.9CVSS5.8AI score0.00435EPSS
CVE
CVE
added 2010/09/21 5:0 p.m.125 views

CVE-2010-2942

CVE-2010-2942 affects the Linux kernel prior to 2.6.36-rc2. The issue arises in the actions implementation of network queueing: several tcf_*_dump routines (tcf_gact_dump, tcf_mirred_dump, tcf_nat_dump, tcf_simp_dump, tcf_skbedit_dump) do not properly initialize certain structure members during d...

5.5CVSS5.5AI score0.00421EPSS
CVE
CVE
added 2010/01/12 5:0 p.m.124 views

CVE-2009-4536

CVE-2009-4536 affects the Linux kernel ≤ 2.6.32.3 in the e1000 (drivers/net/e1000/e1000_main.c): it mishandles frames larger than MTU by treating trailing payload as a full frame, allowing remote bypass of packet filters with a crafted large packet. The issue is described as a consequence of an i...

7.8CVSS7AI score0.05227EPSS
CVE
CVE
added 2010/03/16 7:0 p.m.124 views

CVE-2010-0727

CVE-2010-0727 affects the Linux kernel: the gfs2_lock (and on RHEL 5/6 gfs_lock) fails to properly remove POSIX locks on files that are setgid without group-execute permission. This allows a local attacker to trigger a denial of service or system crash by locking a file on a GFS or GFS2 filesyste...

4.9CVSS5.4AI score0.00582EPSS
CVE
CVE
added 2010/12/30 6:0 p.m.124 views

CVE-2010-3848

CVE-2010-3848 is a Linux kernel vulnerability: a stack-based buffer overflow in econet_sendmsg (net/econet/af_econet.c) when Econet is configured, caused by handling a large number of iovec structures. This allows local privilege escalation. The flaw affects Linux kernels before 2.6.36.2 and is a...

6.9CVSS6.3AI score0.00703EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.124 views

CVE-2010-4072

CVE-2010-4072 affects the Linux kernel: the copy_shmid_to_user function in ipc/shm.c (pre-2.6.37-rc1) does not initialize a certain structure, enabling local users to leak potentially sensitive information from kernel stack memory via the shmctl interface and the old shm interface. Affected produ...

1.9CVSS5.8AI score0.00384EPSS
CVE
CVE
added 2010/12/10 6:0 p.m.124 views

CVE-2010-4157

CVE-2010-4157 involves an integer overflow in the Linux kernel’s GDTH SCSI driver (gdth_ioctl_alloc/ioc_general) on 64-bit platforms. A 32/64-bit mismatch when handling a large argument in an ioctl can cause memory corruption, enabling a local user to trigger a denial of service (and potentially ...

6.2CVSS7.8AI score0.0054EPSS
CVE
CVE
added 2010/09/03 7:0 p.m.123 views

CVE-2010-2240

CVE-2010-2240 affects the Linux kernel via the do_anonymous_page function in mm/memory.c, where improper separation of the stack and heap allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, demonstrated by a memory-exhaustion atta...

7.2CVSS7AI score0.00716EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.123 views

CVE-2010-2495

CVE-2010-2495 affects the Linux kernel’s L2TP implementation (pppol2tp.c). The vulnerability arises from improper validation of certain interface-related values in pppol2tp_xmit, enabling a NULL pointer dereference and an OOPs that can cause a denial of service via routing-change vectors. The iss...

10CVSS6.4AI score0.02931EPSS
CVE
CVE
added 2010/09/21 7:0 p.m.123 views

CVE-2010-3477

The CVE-2010-3477 issue affects the Linux kernel’s net/sched/act_police.c (tcf_act_police_dump) in versions before 2.6.36-rc4. The root cause is incomplete initialization of certain structure members during dump operations, allowing local users to read potentially sensitive kernel memory. The vul...

2.1CVSS5.8AI score0.00404EPSS
CVE
CVE
added 2010/11/30 10:0 p.m.123 views

CVE-2010-4083

CVE-2010-4083 affects the Linux kernel (pre-2.6.36). The vulnerable code path is copy_semid_to_user() in ipc/sem.c, where a structure is not initialized, enabling local attackers to leak kernel stack memory via semctl commands (IPC_INFO, SEM_INFO, IPC_STAT, SEM_STAT). The issue is mitigated by up...

1.9CVSS5.8AI score0.00387EPSS
CVE
CVE
added 2010/09/21 5:0 p.m.122 views

CVE-2010-3078

The CVE-2010-3078 issue affects the Linux kernel (xfs_ioc_fsgetxattr) where a structure member is not initialized, enabling local attackers to read potentially sensitive data from kernel stack memory via an ioctl. This vulnerability is documented in MiracleLinux AXSA-2010-500:18 and is fixed in 2...

5.5CVSS5.5AI score0.00407EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.121 views

CVE-2010-2959

The CVE-2010-2959 issue affects the Linux kernel CAN subsystem, specifically the can/bcm.c implementation, due to an integer overflow vulnerability. This flaw can allow local attackers to execute arbitrary code or cause a system crash (DoS) via crafted CAN traffic. Public advisories confirm vulne...

7.2CVSS7.8AI score0.03777EPSS
In wild
CVE
CVE
added 2010/12/30 6:0 p.m.121 views

CVE-2010-3849

CVE-2010-3849 affects the Linux kernel’s econet_sendmsg path (net/econet/af_econet.c) prior to 2.6.36.2, when an Econet address is configured. A local user can trigger a denial of service by issuing a sendmsg with a NULL remote address, causing a NULL pointer dereference and OOPS. The correspondi...

4.7CVSS5.7AI score0.00717EPSS
In wild
CVE
CVE
added 2010/09/08 7:0 p.m.120 views

CVE-2010-2524

CVE-2010-2524 affects the Linux kernel CIFS DNS upcall: when CONFIG_CIFS_DFS_UPCALL is enabled, DNS resolution relies on a user keyring via the dns_resolver upcall in the cifs.upcall userspace helper. This allows local privileged or nearby users to spoof DNS query results and mount arbitrary CIFS...

7.8CVSS7AI score0.00423EPSS
CVE
CVE
added 2010/11/26 6:23 p.m.120 views

CVE-2010-3698

The CVE-2010-3698 entry concerns the KVM implementation in Linux kernels prior to 2.6.36. The root cause is that the kernel does not properly reload the FS and GS segment registers when handling KVM_RUN with a modified Local Descriptor Table (LDT). Impact: host OS users can cause a denial of serv...

4.9CVSS5.7AI score0.00421EPSS
CVE
CVE
added 2010/02/17 6:0 p.m.119 views

CVE-2010-0307

CVE-2010-0307 affects the Linux kernel (x86_64) prior to 2.6.32.8 where load_elf_binary in fs/binfmt_elf.c may call SET_PERSONALITY before confirming the ELF interpreter exists, enabling a local DoS via a 32-bit process launching a 64-bit one and triggering a segmentation fault (flush_old_exec re...

4.7CVSS5.5AI score0.00833EPSS
CVE
CVE
added 2010/12/22 8:0 p.m.119 views

CVE-2010-4346

The vulnerability CVE-2010-4346 affects the Linux kernel: install_special_mapping in mm/mmap.c before 2.6.37-rc6 does not call security_file_mmap as expected, allowing local users to bypass mmap_min_addr restrictions and potentially trigger NULL pointer dereference via a crafted assembly-language...

2.1CVSS5.8AI score0.00405EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.118 views

CVE-2010-2492

CVE-2010-2492 affects the Linux kernel’s eCryptfs component: a buffer overflow in the ecryptfs_uid_hash macro (fs/ecryptfs/messaging.c) could allow local privilege escalation or a denial of service. The MiracleLinux AXSA advisory lists this CVE among kernel issues and specifies the flaw occurs in...

7.8CVSS7.3AI score0.00434EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.118 views

CVE-2010-3437

The vulnerability CVE-2010-3437 affects the Linux kernel (before 2.6.36-rc6) in pkt_find_dev_from_minor within drivers/block/pktcdvd.c. A crafted index value passed via PKT_CTRL_CMD_STATUS ioctl can cause a signedness error, enabling local attackers to read kernel memory or trigger a crash (DoS)....

6.6CVSS5.6AI score0.02416EPSS
In wildWeb
CVE
CVE
added 2010/09/29 4:0 p.m.117 views

CVE-2010-3310

CVE-2010-3310 refers to multiple signedness errors in net/rose/af_rose.c of the Linux kernel, fixed before 2.6.36-rc5-next-20100923. The vulnerability allows local users to induce a denial of service (heap memory corruption) or possibly cause other unspecified impacts through a rose_getname call ...

1.9CVSS7.6AI score0.00405EPSS
CVE
CVE
added 2010/05/07 6:23 p.m.116 views

CVE-2010-1437

CVE-2010-1437 is a race condition in the Linux kernel’s keyring handling (find_keyring_by_name in security/keys/keyring.c) affecting version 2.6.34-rc5 and earlier. A local user can exploit this via keyctl session commands that access a dead keyring being deleted by key_cleanup, leading to memory...

7CVSS7.2AI score0.00658EPSS
Total number of security vulnerabilities124