Suse Linux Enterprise Server Security Vulnerabilities and Issues — Suse Linux Enterprise Server CVE List

Lucene search

SuseSuse Linux Enterprise Server

9 matches found

CVE•added 2010/09/24 8:0 p.m.•116 views

CVE-2010-3081

The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the ...

7.8CVSS7.4AI score0.14754EPSS

CVE•added 2010/09/08 8:0 p.m.•114 views

CVE-2010-2798

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified ot...

7.8CVSS7.3AI score0.00053EPSS

CVE•added 2010/09/21 6:0 p.m.•103 views

CVE-2010-3078

The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call.

5.5CVSS5.5AI score0.00048EPSS

CVE•added 2010/09/08 8:0 p.m.•100 views

CVE-2010-2495

The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecif...

10CVSS6.4AI score0.01489EPSS

CVE•added 2010/09/08 8:0 p.m.•91 views

CVE-2010-2524

The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform...

7.8CVSS7AI score0.00082EPSS

CVE•added 2010/09/21 6:0 p.m.•91 views

CVE-2010-2942

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related ...

5.5CVSS5.5AI score0.00022EPSS

CVE•added 2010/09/30 3:0 p.m.•85 views

CVE-2010-2537

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.

7.1CVSS6.5AI score0.0009EPSS

CVE•added 2010/09/08 8:0 p.m.•81 views

CVE-2010-2066

The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.

5.5CVSS5.6AI score0.00061EPSS

CVE•added 2010/09/08 8:0 p.m.•74 views

CVE-2010-2960

The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact ...

7.8CVSS7.5AI score0.001EPSS