VYPR

Kernel

by Linux

Source repositories

CVEs (15,869)

  • CVE-2014-7975MedOct 13, 2014
    risk 0.29cvss 5.5epss 0.00

    The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making…

  • CVE-2014-7970MedOct 13, 2014
    risk 0.29cvss 5.5epss 0.01

    The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the…

  • CVE-2014-0203MedJun 23, 2014
    risk 0.29cvss 5.5epss 0.01

    The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open…

  • CVE-2013-2128MedJun 7, 2013
    risk 0.29cvss 5.5epss 0.00

    The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.

  • CVE-2011-2479MedMar 1, 2013
    risk 0.29cvss 5.5epss 0.01

    The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAP_PRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service (system crash) via a crafted application.

  • CVE-2011-4081MedMay 24, 2012
    risk 0.29cvss 5.5epss 0.00

    crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update…

  • CVE-2011-3353MedMay 24, 2012
    risk 0.29cvss 5.5epss 0.00

    Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the ability to mount a FUSE filesystem.

  • CVE-2011-2906MedMay 24, 2012
    risk 0.29cvss 5.5epss 0.00

    Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size value in an ioctl call. NOTE: this may…

  • CVE-2011-2898MedMay 24, 2012
    risk 0.29cvss 5.5epss 0.00

    net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application.

  • CVE-2012-1146MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.01

    The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash)…

  • CVE-2012-1090MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.00

    The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

  • CVE-2012-0879MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.00

    The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.

  • CVE-2012-0058MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.00

    The kiocb_batch_free function in fs/aio.c in the Linux kernel before 3.2.2 allows local users to cause a denial of service (OOPS) via vectors that trigger incorrect iocb management.

  • CVE-2012-0038MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.00

    Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.

  • CVE-2011-4621MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.00

    The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop.

  • CVE-2011-4594MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.00

    The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference.

  • CVE-2011-4112MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.00

    The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen…

  • CVE-2011-4097MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.00

    Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory.

  • CVE-2011-3637MedMay 17, 2012
    risk 0.29cvss 5.5epss 0.00

    The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error.

  • CVE-1999-0524MedAug 1, 1997
    risk 0.29cvss 4.0epss 0.32

    ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

Page 577 of 794