Lucene search
K

7 matches found

CVE
CVE
added 2009/11/04 3:0 p.m.165 views

CVE-2009-3547

CVE-2009-3547 refers to multiple race conditions in fs/pipe.c of the Linux kernel before 2.6.32-rc6. The flaws can allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by opening an anonymous pipe via a /proc/*/fd/ pathname. A fix is availa...

7CVSS6.8AI score0.0489EPSS
In wild
CVE
CVE
added 2009/08/11 6:0 p.m.142 views

CVE-2009-2416

CVE-2009-2416 is a use-after-free in libxml2 (versions 2.5.10, 2.6.16, 2.6.26, 2.6.27, 2.6.32) and libxml 1.8.17 triggered by crafted Notation/Enumeration attribute types in a DTD; leads to denial of service (application crash). Related CVE-2009-2414 is a stack-growth DoS via deep DTD structures....

6.5CVSS6.7AI score0.01808EPSS
CVE
CVE
added 2009/08/18 8:41 p.m.133 views

CVE-2009-2848

CVE-2009-2848 is confirmed in connected material as applicable to MiracleLinux kernel package 2.6.18-128.10AXS3, aligning with the Linux kernel vulnerability where execve does not properly clear current->clear_child_tid during thread creation/exit. This misbehavior can enable local users to ca...

5.9CVSS6.2AI score0.00516EPSS
CVE
CVE
added 2009/03/25 1:0 a.m.130 views

CVE-2009-1072

CVE-2009-1072 affects the Linux kernel prior to 2.6.28.9. nfsd in the kernel does not drop the CAP_MKNOD capability before handling a user request in a thread, enabling local users on an exported filesystem using root_squash to create device nodes. MiracleLinux 3 lists this as fixed in kernel-2.6...

4.9CVSS4.4AI score0.00427EPSS
CVE
CVE
added 2009/10/22 3:26 p.m.130 views

CVE-2009-3621

The CVE-2009-3621 issue affects the Linux kernel up to version 2.6.31.4 and earlier, specifically in net/unix/af_unix.c. The vulnerability allows a local attacker to cause a denial of service (system hang) by: (1) creating an abstract-namespace AF_UNIX listening socket, (2) performing a shutdown ...

5.5CVSS6.1AI score0.00987EPSS
CVE
CVE
added 2009/03/12 3:0 p.m.99 views

CVE-2009-0778

CVE-2009-0778 affects the Linux kernel prior to 2.6.25 when configured as a router with a REJECT route. The icmp_send code in net/ipv4/icmp.c can mishandle the Protocol Independent Destination (DST) cache, potentially leaking DST state and allowing remote attackers to cause a denial of service (c...

7.1CVSS6.9AI score0.04623EPSS
CVE
CVE
added 2012/06/01 8:0 p.m.55 views

CVE-2012-2752

CVE-2012-2752 affects VMware vMA 4.x and 5.x before 5.0.0.2. The issue is an untrusted library/file-loading path that can be abused by local users to gain privileges via a Trojan horse DLL in the current working directory. Root cause: how the VMware library files are loaded. Impact is local privi...

7.2CVSS6.6AI score0.00395EPSS