
82 matches found

CVE | added 2011/01/11 1:0 a.m. | 369 views

CVE-2010-3865

CVE-2010-3865 is a Linux kernel issue described in connected advisories as an integer overflow in the rds_rdma_pages function (net/rds/rdma.c). The vulnerability can allow local users to crash the kernel and potentially execute arbitrary code through a crafted iovec in an RDS request, triggered b...

CVSS 7.2 | AI score 6.7 | EPSS 0.00555

CVE | added 2011/01/03 7:26 p.m. | 356 views

CVE-2010-3873

CVE-2010-3873 affects the Linux kernel X.25 implementation prior to 2.6.36.2. The vulnerability arises from improper parsing of facilities, allowing a remote attacker to trigger heap memory corruption and a kernel panic (partial availability) via malformed X25_FAC_CALLING_AE or X25_FAC_CALLED_AE ...

CVSS 5 | AI score 7.3 | EPSS 0.03739

CVE | added 2011/10/10 10:0 a.m. | 251 views

CVE-2011-2189

Summary (CVE-2011-2189): The Linux kernel (2.6.32 and earlier) has a flaw in net_namespace.c that mishandles a high rate of network-namespace creation/cleanup. This can allow remote attackers to cause a denial of service via memory consumption in a daemon that creates a separate namespace per con...

CVSS 7.8 | AI score 7 | EPSS 0.17841
In wild

CVE | added 2011/04/03 1:0 a.m. | 240 views

CVE-2011-1083

The CVE-2011-1083 issue affects the Linux kernel epoll implementation (epoll_ctl/epoll_create) as shipped in 2.6.37.2 and earlier. Local attackers can cause CPU denial of service by crafting a user-space application that creates and manages epoll file descriptors, exploiting improper traversal of...

CVSS 4.9 | AI score 5.9 | EPSS 0.00795

CVE | added 2011/07/18 10:0 p.m. | 217 views

CVE-2011-1093

CVE-2011-1093 affects the Linux kernel’s Datagram Congestion Control Protocol (DCCP). The vulnerable code path is dccp_rcv_state_process in net/dccp/input.c, which mishandles packets for a CLOSED endpoint. An attacker can trigger a NULL pointer dereference and OOPS by sending a DCCP-Close packet ...

CVSS 7.8 | AI score 6.8 | EPSS 0.03411

CVE | added 2011/05/03 7:0 p.m. | 195 views

CVE-2011-1495

CVE-2011-1495 affects the Linux kernel up to 2.6.38, in drivers/scsi/mpt2sas/mpt2sas_ctl.c. The issue arises because length and offset values are not validated before memory copy operations, potentially allowing a local user to gain privileges, cause memory corruption (DoS), or read sensitive ker...

CVSS 7.2 | AI score 7.5 | EPSS 0.0037

CVE | added 2011/05/03 7:0 p.m. | 161 views

CVE-2011-1494

CVE-2011-1494 affects the Linux kernel (2.6.38 and earlier) via an integer overflow in the _ctl_do_mpt_command function (drivers/scsi/mpt2sas/mpt2sas_ctl.c). This can allow local users to gain privileges or cause a denial of service (memory corruption) by issuing an ioctl with a crafted value tha...

CVSS 6.9 | AI score 7.7 | EPSS 0.00374

CVE | added 2011/01/22 9:0 p.m. | 151 views

CVE-2010-4243

CVE-2010-4243 affects the Linux kernel up to version 2.6.37. The issue is in fs/exec.c where the OOM Killer does not assess stack memory usage of the arrays representing (1) arguments and (2) environment during an exec, enabling a local user to cause memory exhaustion (denial of service) via a cr...

CVSS 4.9 | AI score 5.7 | EPSS 0.0091

CVE | added 2011/01/03 7:26 p.m. | 147 views

CVE-2010-3876

CVE-2010-3876 affects the Linux kernel: the code path net/packet/af_packet.c in kernel versions before 2.6.37-rc2 does not properly initialize certain structure members, allowing local users with CAP_NET_RAW to read copies of the applicable structures from kernel stack memory. Publicly document d...

CVSS 1.9 | AI score 5.6 | EPSS 0.00377

CVE | added 2011/02/02 10:0 p.m. | 144 views

CVE-2011-0521

The CVE-2011-0521 issue affects the Linux kernel’s dvb_ca_ioctl in drivers/media/dvb/ttpci/av7110_ca.c, where the sign of a certain integer field is not checked in versions before 2.6.38-rc2. This allows local users to cause a denial of service via memory corruption and potentially other unspecif...

CVSS 7.2 | AI score 6.5 | EPSS 0.00408

CVE | added 2011/03/01 10:0 p.m. | 142 views

CVE-2011-0711

CVE-2011-0711 affects the Linux kernel through the xfs_fs_geometry function in fs/xfs/xfs_fsops.c. The vulnerability arises because a structure member is not initialized, enabling local attackers to read potentially sensitive data from kernel stack memory via the FSGEOMETRY_V1 ioctl. The affected...

CVSS 2.1 | AI score 5.8 | EPSS 0.00399

CVE | added 2011/02/28 3:0 p.m. | 141 views

CVE-2011-1020

CVE-2011-1020 affects the Linux kernel (2.6.37 and earlier) where the proc filesystem does not restrict access to /proc after a process execs a setuid program. This can let local attackers obtain sensitive information or cause a denial of service by performing open, lseek, read, or write operatio...

CVSS 4.6 | AI score 6 | EPSS 0.00923

CVE | added 2011/05/09 7:0 p.m. | 141 views

CVE-2011-1745

The CVE-2011-1745 entry affects the Linux kernel: an integer overflow in the agp_generic_insert_memory function (drivers/char/agp/generic.c) in kernels before 2.6.38.5. This allows local users to gain privileges or cause a denial of service via a crafted AGPIOC_BIND agp_ioctl call. Affected platf...

CVSS 6.9 | AI score 6.3 | EPSS 0.00384

CVE | added 2011/07/18 7:0 p.m. | 139 views

CVE-2010-4655

CVE-2010-4655 affects the Linux kernel’s net/core/ethtool.c, where uninitialized data structures in ethtool ioctl handling could allow a local user with CAP_NET_ADMIN to leak information from kernel heap memory. The initial description specifies the vulnerability exists in kernel builds before 2....

CVSS 5.5 | AI score 5.5 | EPSS 0.004

CVE | added 2011/05/09 7:0 p.m. | 139 views

CVE-2011-1746

The CVE affects the Linux kernel prior to 2.6.38.5, specifically the AGP subsystem in drivers/char/agp/generic.c. It is caused by multiple integer overflows in the functions agp_allocate_memory and agp_create_user_memory, allowing local users to trigger buffer overflows and potentially crash the ...

CVSS 6.9 | AI score 6.7 | EPSS 0.00422

CVE | added 2011/08/31 11:0 p.m. | 135 views

CVE-2011-1576

CVE-2011-1576 affects the Linux kernel GRO offload path (napi_reuse_skb) used in Red Hat Enterprise Linux 5 (kernel 2.6.18) and Red Hat Enterprise Linux 6 (kernel 2.6.32) as deployed in RHEV Hypervisor. The advisory notes that remote attackers can trigger VLAN-packet processing to cause a denial ...

CVSS 5.7 | AI score 7.2 | EPSS 0.01003

CVE | added 2011/09/06 4:0 p.m. | 135 views

CVE-2011-1776

The CVE-2011-1776 issue affects the Linux kernel’s is_gpt_valid function (fs/partitions/efi.c). It does not validate the size of a GPT entry, allowing physically proximate attackers to trigger a heap-based buffer overflow and OOPS or potentially read kernel heap memory when a crafted GPT storage ...

CVSS 6.1 | AI score 7.2 | EPSS 0.00546

CVE | added 2011/05/09 7:0 p.m. | 133 views

CVE-2011-2022

The CVE-2011-2022 issue affects the Linux kernel (drivers/char/agp/generic.c) prior to 2.6.38.5. The vulnerability is due to failure to validate a start parameter in the agp_generic_remove_memory function, enabling local users to gain privileges or cause a denial of service (system crash) via a c...

CVSS 6.9 | AI score 6.1 | EPSS 0.00384

CVE | added 2011/01/03 7:26 p.m. | 130 views

CVE-2010-4163

The CVE-2010-4163 issue affects the Linux kernel, where blk_rq_map_user_iov in block/blk-map.c is vulnerable before version 2.6.36.2. A local attacker can trigger a denial of service (kernel panic) by submitting a zero-length I/O request via a device ioctl to a SCSI device. The description explic...

CVSS 4.7 | AI score 6.8 | EPSS 0.00393

CVE | added 2011/01/03 7:26 p.m. | 129 views

CVE-2010-3875

CVE-2010-3875 affects the Linux kernel, specifically the ax25_getname function in net/ax25/af_ax25.c. The root cause is that a structure is not initialized, enabling local users to read a copy of kernel stack memory and potentially obtain sensitive information. The issue is tied to kernels prior ...

CVSS 2.1 | AI score 5.5 | EPSS 0.00392

CVE | added 2011/03/01 10:0 p.m. | 129 views

CVE-2011-1010

Concretely, CVE-2011-1010 is reported in MiracleLinux advisory AXSA:2011-282:05 as affecting kernel-2.6.18-238.2.AXS3. It describes a buffer overflow in the mac_partition function (fs/partitions/mac.c) of the Linux kernel, prior to version 2.6.37.2, which can allow a local user to cause a denial ...

CVSS 4.9 | AI score 8.3 | EPSS 0.00534

CVE | added 2011/05/09 7:0 p.m. | 129 views

CVE-2011-1013

CVE-2011-1013 is an integer signedness error in the drm_modeset_ctl ioctl handling that affects the Linux kernel prior to 2.6.38 and OpenBSD prior to 4.9, allowing local users to trigger out-of-bounds writes and potentially crash the system or cause other impact via a crafted vb_num in an ioctl. ...

CVSS 7.2 | AI score 7 | EPSS 0.0041

CVE | added 2011/01/11 1:0 a.m. | 128 views

CVE-2010-4526

CVE-2010-4526 describes a race condition in the Linux kernel between 2.6.11-rc2 and 2.6.33 in sctp_icmp_proto_unreachable (net/sctp/input.c). An ICMP Unreachable to a socket that is already locked by a user can free the socket and trigger list corruption via sctp_wait_for_connect, enabling remote...

CVSS 7.1 | AI score 5.8 | EPSS 0.02523

CVE | added 2011/05/03 7:0 p.m. | 128 views

CVE-2011-1577

CVE-2011-1577 describes a heap-based buffer overflow in the is_gpt_valid function of fs/partitions/efi.c in Linux kernel 2.6.38 and earlier. This allows physically proximate attackers to cause a denial of service (OOPS) or potentially other impact via a crafted EFI GPT header size on removable me...

CVSS 4.9 | AI score 7.8 | EPSS 0.00423

CVE | added 2011/01/03 7:26 p.m. | 127 views

CVE-2010-3877

The CVE-2010-3877 issue affects the Linux kernel (as cited in MiracleLinux AXSA:2011-143:02 and related advisories) where get_name in net/tipc/socket.c does not initialize a structure, enabling local attackers to read uninitialized kernel stack memory and leak information. Impact is a local infor...

CVSS 1.9 | AI score 5.5 | EPSS 0.00387

CVE | added 2011/01/03 7:26 p.m. | 126 views

CVE-2010-4164

CVE-2010-4164 affects the Linux kernel prior to 2.6.36.2, where multiple integer underflows occur in the x25_parse_facilities function (net/x25/x25_facilities.c). This can allow a remote attacker to cause a denial of service (system crash) via malformed X.25 facility data (X25_FAC_CLASS_A/B/C/D)....

CVSS 7.8 | AI score 7 | EPSS 0.04308

CVE | added 2011/02/18 7:0 p.m. | 126 views

CVE-2010-4649

The CVE-2010-4649 issue affects the Linux kernel up to 2.6.37, where an integer overflow in ib_uverbs_poll_cq (drivers/infiniband/core/uverbs_cmd.c) allows a local user to cause memory corruption and a possible DoS or other unspecified impact when a structure member is large. The vulnerability re...

CVSS 6.9 | AI score 6.6 | EPSS 0.00355

CVE | added 2011/01/03 7:26 p.m. | 124 views

CVE-2010-4668

CVE-2010-4668 affects the Linux kernel up to 2.6.37-rc7, where blk_rq_map_user_iov in block/blk-map.c allows a local user to trigger a panic/DoS via a zero-length I/O request to a SCSI device, due to an unaligned map. The vulnerability is tied to an incomplete fix for CVE-2010-4163. Affected vers...

CVSS 4.7 | AI score 6.9 | EPSS 0.00405

CVE | added 2011/06/22 10:0 p.m. | 123 views

CVE-2011-1171

CVE-2011-1171 affects the Linux kernel prior to 2.6.39, specifically the IPv4 netfilter ip_tables.c path. The issue is that string data in certain structure members may not end with the expected null terminator, enabling a local attacker with CAP_NET_ADMIN to craft a request and read the argument...

CVSS 2.1 | AI score 7.5 | EPSS 0.0041

CVE | added 2011/06/22 10:0 p.m. | 122 views

CVE-2011-1172

The CVE-2011-1172 issue affects the Linux kernel IPv6 stack (net/ipv6/netfilter/ip6_tables.c): root cause is failure to append a null terminator to certain string values, enabling local memory information disclosure via a crafted request (CAP_NET_ADMIN) and reading the modprobe argument. Impact i...

CVSS 2.1 | AI score 7.5 | EPSS 0.00404

CVE | added 2011/05/09 7:0 p.m. | 121 views

CVE-2011-1090

CVE-2011-1090 affects the Linux kernel’s NFSv4 ACL handling: the function __nfs4_proc_set_acl in fs/nfs/nfs4proc.c allocates memory with kmalloc but does not always free it, enabling a local attacker to trigger a denial of service (panic) by crafting an ACL set operation. The vulnerability is doc...

CVSS 4.9 | AI score 7 | EPSS 0.00438

CVE | added 2011/05/26 4:0 p.m. | 119 views

CVE-2010-4251

CVE-2010-4251 affects the Linux kernel up to version 2.6.34. The vulnerability lies in the socket backlog handling in net/core/sock.c, which allows remote attackers to cause memory exhaustion DoS by sending a large volume of network traffic (e.g., UDP via netperf). The issue is addressed by the 2.6.34 changelog ...

CVSS 7.8 | AI score 6.8 | EPSS 0.03922

CVE | added 2011/02/18 7:0 p.m. | 119 views

CVE-2011-1044

CVE-2011-1044 affects the Linux kernel (pre-2.6.37) and is caused by ib_uverbs_poll_cq in drivers/infiniband/core/uverbs_cmd.c not initializing a certain response buffer. This allows local attackers to read potentially sensitive data from kernel memory via vectors that fill the buffer only partia...

CVSS 2.1 | AI score 5.4 | EPSS 0.00389

CVE | added 2011/04/03 1:0 a.m. | 119 views

CVE-2011-1082

CVE-2011-1082 affects the Linux kernel prior to 2.6.38. The flaw is in fs/eventpoll.c where epoll file descriptors may be placed inside other epoll data structures without proper validation of closed loops or deep chains. This can let a local user cause a denial of service (deadlock or stack memo...

CVSS 4.9 | AI score 7.4 | EPSS 0.00778

CVE | added 2011/03/01 10:0 p.m. | 118 views

CVE-2011-1017

CVE-2011-1017 relates to a heap-based buffer overflow in the Linux kernel’s LDM code path. Affected component: fs/partitions/ldm.c (ldm_frag_add) in kernel 2.6.37.2 and earlier. Root cause cited in connected docs: bugs in evaluating LDM partitions could crash the kernel for certain corrupted LDM ...

CVSS 7.2 | AI score 8.1 | EPSS 0.00614

CVE | added 2011/10/05 1:0 a.m. | 117 views

CVE-2011-1076

CVE-2011-1076 affects the Linux kernel up to 2.6.37 in dns_key.c; remote DNS servers sending invalid responses can trigger a NULL pointer dereference/OOPS, leading to a denial of service. Reports from SUSE/Red Hat/NVD corroborate. Remediation: upgrade to kernel 2.6.38 or newer (vendor patches). E...

CVSS 4.9 | AI score 8.6 | EPSS 0.00516

CVE | added 2011/08/29 6:0 p.m. | 117 views

CVE-2011-2213

The CVE-2011-2213 issue concerns the Linux kernel vulnerability in inet_diag_bc_audit (net/ipv4/inet_diag.c) present before 2.6.39.3. The affected component audits INET_DIAG bytecode and, when processing crafted INET_DIAG_REQ_BYTECODE messages (e.g., an INET_DIAG_BC_JMP with a zero yes value), allows...

CVSS 4.9 | AI score 6 | EPSS 0.00411

CVE | added 2011/07/28 10:0 p.m. | 117 views

CVE-2011-2492

CVE-2011-2492 affects the Linux kernel Bluetooth subsystem prior to 3.0-rc4, where certain data structures are not properly initialized. The flaw is exploited via a crafted getsockopt system call in the l2cap_sock_getsockopt_old and rfcomm_sock_getsockopt_old paths, enabling local users to obtain...

CVSS 1.9 | AI score 5.9 | EPSS 0.00354

CVE | added 2011/07/18 7:0 p.m. | 116 views

CVE-2010-4656

CVE-2010-4656 affects the Linux kernel’s USB iowarrior driver (drivers/usb/misc/iowarrior.c). The root cause is improper buffer/memory allocation in iowarrior_write, enabling a heap-based buffer overflow via a long report from a malicious device. This aligns with openSUSE/SUSE advisories noting a...

CVSS 7.8 | AI score 7.1 | EPSS 0.00396

CVE | added 2011/07/18 10:0 p.m. | 116 views

CVE-2011-0726

The CVE-2011-0726 entry is supported by connected advisories describing a Linux kernel vulnerability in do_task_stat (fs/proc/array.c) present in kernels before 2.6.39-rc1. The flaw allows local users to defeat ASLR by reading start_code/end_code from /proc/[pid]/stat for PIE processes, implying ...

CVSS 2.1 | AI score 6.7 | EPSS 0.00342
Web

CVE | added 2011/01/07 11:0 a.m. | 115 views

CVE-2010-4160

The CVE-2010-4160 issue is present in the Linux kernel before 2.6.36.2, involving multiple integer overflows in the PPPoL2TP and IPoL2TP sendmsg paths (pppol2tp_sendmsg and l2tp_ip_sendmsg). The vulnerability can allow local users to trigger a denial of service through heap memory corruption and ...

CVSS 6.9 | AI score 7.5 | EPSS 0.00529

CVE | added 2011/06/24 8:0 p.m. | 115 views

CVE-2011-2484

CVE-2011-2484 affects the Linux kernel, specifically code paths in kernel/taskstats.c. In kernels 2.6.39.1 and earlier, add_del_listener does not prevent multiple registrations of exit handlers, enabling a local attacker to cause denial of service through memory/CPU exhaustion and potentially byp...

CVSS 4.9 | AI score 5.7 | EPSS 0.00388

CVE | added 2011/01/11 1:0 a.m. | 114 views

CVE-2010-4242

CVE-2010-4242 affects the Linux kernel 2.6.36 (and possibly other versions). The vulnerability is in the HCI UART driver, specifically the hci_uart_tty_open function in drivers/bluetooth/hci_ldisc.c, which does not verify if the tty has a write operation. This can allow a local user to cause a de...

CVSS 4 | AI score 7 | EPSS 0.00459

CVE | added 2011/01/11 1:0 a.m. | 113 views

CVE-2010-4175

Technical details for CVE-2010-4175 are not provided in the supplied documents; monitor for updates.

CVSS 4.9 | AI score 7.4 | EPSS 0.00391

CVE | added 2011/02/18 7:0 p.m. | 113 views

CVE-2011-0712

Technical details about CVE-2011-0712 are not publicly provided in the supplied documents. Monitor for updates in connected advisories; no confirmed affected products, versions, or fixes are stated here.

CVSS 7.2 | AI score 6.9 | EPSS 0.00435

CVE | added 2011/05/03 8:0 p.m. | 113 views

CVE-2011-1593

CVE-2011-1593 affects the Linux kernel before 2.6.38.4, where multiple integer overflows in the next_pidmap function (kernel/pid.c) allow a local user to crash the system via crafted getdents or readdir calls. The connected advisories confirm the affected component and the root cause (integer ove...

CVSS 4.9 | AI score 6.1 | EPSS 0.00577

CVE | added 2011/06/24 8:0 p.m. | 113 views

CVE-2011-1770

CVE-2011-1770 affects the Linux kernel up to version 2.6.33.14, where an integer underflow in dccp_parse_options (net/dccp/options.c) can be triggered by a DCCP packet with an invalid feature options length, causing a buffer over-read and remote denial of service. The vulnerability is exploitable...

CVSS 7.8 | AI score 7 | EPSS 0.04364

CVE | added 2011/01/13 6:35 p.m. | 112 views

CVE-2010-4527

The CVE-2010-4527 entry concerns the Linux kernel OSS sound driver (load_mixer_volumes in sound/oss/soundcard.c). It arises because a name field is not guaranteed to end with a NUL, enabling a local user to trigger a buffer overflow via SOUND_MIXER_SETLEVELS, with potential to escalate privileges...

CVSS 6.9 | AI score 6.3 | EPSS 0.00494

CVE | added 2011/04/10 1:0 a.m. | 111 views

CVE-2011-1163

Vulnerability: CVE-2011-1163 affects the Linux kernel (fs/partitions/osf.c) where osf_partition mishandles an invalid number of partitions, potentially allowing local attackers to read kernel heap memory via partition-table parsing vectors. Affected: Linux kernel versions prior to 2.6.38. Root ca...

CVSS 2.1 | AI score 7.5 | EPSS 0.00414

CVE | added 2011/10/23 10:0 a.m. | 110 views

CVE-2011-1478

CVE-2011-1478 affects the Linux kernel’s GRO napi_reuse_skb path: it does not reset certain structure members in net/core/dev.c, enabling a remote attacker to trigger a NULL pointer dereference via a malformed VLAN frame and cause a denial of service. The vulnerability is present in kernels befor...

CVSS 5.7 | AI score 7.7 | EPSS 0.01089

Total number of security vulnerabilities: 82