rpm package
opensuse/kernel-source&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
Vulnerabilities (1,435)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2010-3301 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Sep 22, 2010 | The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by trigger | ||
| CVE-2010-2942 | Med | 5.5 | < 4.8.13-1.1 | 4.8.13-1.1 | Sep 21, 2010 | The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory v | |
| CVE-2010-2955 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Sep 8, 2010 | The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wi | ||
| CVE-2010-2066 | Med | 5.5 | < 4.8.13-1.1 | 4.8.13-1.1 | Sep 8, 2010 | The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor. | |
| CVE-2010-2954 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Sep 3, 2010 | The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecifi | ||
| CVE-2010-1641 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Jun 1, 2010 | The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request. | ||
| CVE-2010-1436 | — | < 4.8.13-1.1 | 4.8.13-1.1 | May 21, 2010 | gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause an out-of-bounds write, as demo | ||
| CVE-2010-1146 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Apr 12, 2010 | The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under | ||
| CVE-2009-4538 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Jan 12, 2010 | drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537. | ||
| CVE-2009-4536 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Jan 12, 2010 | drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large p | ||
| CVE-2009-4138 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Dec 16, 2009 | drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receivin | ||
| CVE-2009-4131 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Dec 13, 2009 | The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions. | ||
| CVE-2009-4027 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Dec 2, 2009 | Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session | ||
| CVE-2009-4026 | — | < 4.8.13-1.1 | 4.8.13-1.1 | Dec 2, 2009 | The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch." | ||
| CVE-2009-3939 | Hig | 7.1 | < 4.8.13-1.1 | 4.8.13-1.1 | Nov 16, 2009 | The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file. |
- CVE-2010-3301Sep 22, 2010affected < 4.8.13-1.1fixed 4.8.13-1.1
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by trigger
- affected < 4.8.13-1.1fixed 4.8.13-1.1
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory v
- CVE-2010-2955Sep 8, 2010affected < 4.8.13-1.1fixed 4.8.13-1.1
The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wi
- affected < 4.8.13-1.1fixed 4.8.13-1.1
The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.
- CVE-2010-2954Sep 3, 2010affected < 4.8.13-1.1fixed 4.8.13-1.1
The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecifi
- CVE-2010-1641Jun 1, 2010affected < 4.8.13-1.1fixed 4.8.13-1.1
The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.
- CVE-2010-1436May 21, 2010affected < 4.8.13-1.1fixed 4.8.13-1.1
gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause an out-of-bounds write, as demo
- CVE-2010-1146Apr 12, 2010affected < 4.8.13-1.1fixed 4.8.13-1.1
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under
- CVE-2009-4538Jan 12, 2010affected < 4.8.13-1.1fixed 4.8.13-1.1
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.
- CVE-2009-4536Jan 12, 2010affected < 4.8.13-1.1fixed 4.8.13-1.1
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large p
- CVE-2009-4138Dec 16, 2009affected < 4.8.13-1.1fixed 4.8.13-1.1
drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receivin
- CVE-2009-4131Dec 13, 2009affected < 4.8.13-1.1fixed 4.8.13-1.1
The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions.
- CVE-2009-4027Dec 2, 2009affected < 4.8.13-1.1fixed 4.8.13-1.1
Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session
- CVE-2009-4026Dec 2, 2009affected < 4.8.13-1.1fixed 4.8.13-1.1
The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch."
- affected < 4.8.13-1.1fixed 4.8.13-1.1
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
Page 72 of 72