58 matches found
CVE-2010-4169
CVE-2010-4169 is a Linux kernel use-after-free in mm/mprotect.c, vulnerable before 2.6.37-rc2. Local users can trigger a denial of service via an mprotect syscall. The MiracleLinux advisory AXSA:2011-80:02 confirms the issue among kernel fixes; remediation is to upgrade to kernel 2.6.37-rc2 or ne...
CVE-2010-4347
CVE-2010-4347 affects the Linux kernel’s ACPI subsystem. The vulnerability arises in the debugfs interface (custom_method file) which, due to world-writable 0222 permissions, lets a local user place a custom ACPI method in interpreter tables via acpi_debugfs_init in drivers/acpi/debugfs.c. This c...
CVE-2010-4082
CVE-2010-4082 affects the Linux kernel prior to 2.6.36-rc5, where viafb_ioctl_get_viafb_info in drivers/video/via/ioctl.c fails to initialize a structure member. This can allow local users to leak potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call. The issu...
CVE-2010-3861
CVE-2010-3861 affects the Linux kernel up to version 2.6.36. The vulnerability arises in the ethtool_get_rxnfc function in net/core/ethtool.c, which fails to initialize a certain block of heap memory. This can allow a local user to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLA...
CVE-2010-2955
The CVE-2010-2955 issue affects the Linux kernel before 2.6.36-rc3-next-20100831, specifically the cfg80211_wext_giwessid function in net/wireless/wext-compat.c, which fails to initialize certain structure members. This enables a local attacker to exploit an off-by-one error in ioctl_standard_iw_...
CVE-2010-4162
CVE-2010-4162: Linux kernel before 2.6.36.2 contains multiple integer overflows in fs/bio.c that allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device. MiracleLinux AXSA:2011-57 lists CVE-2010-4162 among affected kernel issues and references a f...
CVE-2010-3297
CVE-2010-3297 affects the Linux kernel net/eql driver; the eql_g_master_cfg function in drivers/net/eql.c did not initialize a structure member, enabling local users to read kernel stack memory via an EQL_GETMASTRCFG ioctl. Affects kernels before 2.6.36-rc5; corrected in subsequent patches (net/e...
CVE-2010-3298
CVE-2010-3298 affects the Linux kernel. The hso_get_count function in drivers/net/usb/hso.c, in kernel builds before 2.6.36-rc5, does not initialize a certain structure member, which allows local users to read potentially sensitive information from kernel stack memory via the TIOCGICOUNT ioctl. T...