VYPR

Linux kernel

by Linux

Source repositories

CVEs (356)

  • CVE-2012-2136Aug 9, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging…

  • CVE-2012-2133Jul 3, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers…

  • CVE-2012-2100Jul 3, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.03

    The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed…

  • CVE-2011-4127Jul 3, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume.

  • CVE-2011-4086Jul 3, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4…

  • CVE-2012-0028Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process.

  • CVE-2011-4914Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.09

    The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service…

  • CVE-2011-4324Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem.

  • CVE-2011-1493Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.03

    Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that…

  • CVE-2011-1479Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    Double free vulnerability in the inotify subsystem in the Linux kernel before 2.6.39 allows local users to cause a denial of service (system crash) via vectors involving failed attempts to create files. NOTE: this vulnerability exists because of an incorrect fix for…

  • CVE-2011-1477Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer.

  • CVE-2011-1476Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    Integer underflow in the Open Sound System (OSS) subsystem in the Linux kernel before 2.6.39 on unspecified non-x86 platforms allows local users to cause a denial of service (memory corruption) by leveraging write access to /dev/sequencer.

  • CVE-2011-1160Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors.

  • CVE-2011-1080Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the…

  • CVE-2011-1023Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service (BUG_ON and system crash) via vectors involving (1) a loopback (aka loop) transmit operation or…

  • CVE-2011-1021Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for…

  • CVE-2011-0716Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    The br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, when a certain Ethernet bridge configuration is used, allows local users to cause a denial of service (memory corruption and system crash) by sending IGMP packets to a local…

  • CVE-2010-4650Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.00

    Buffer overflow in the fuse_do_ioctl function in fs/fuse/file.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging the ability to operate a CUSE server.

  • CVE-2010-4250Jun 21, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.01

    Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files.

  • CVE-2012-1583Jun 16, 2012
    Linux
    Kernel
    risk 0.00cvss epss 0.04

    Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6/xfrm6_tunnel.c in the Linux kernel before 2.6.22, when the xfrm6_tunnel module is enabled, allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets.

Page 9 of 18