VYPR

Kernel

by Linux

Source repositories

CVEs (15,356)

  • CVE-2011-2182Jun 13, 2012
    risk 0.00cvss epss 0.00

    The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel before 2.6.39.1 does not properly handle memory allocation for non-initial fragments, which might allow local users to conduct buffer overflow attacks, and gain privileges or obtain sensitive information, via a…

  • CVE-2011-1927Jun 13, 2012
    risk 0.00cvss epss 0.03

    The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly construct ICMP_TIME_EXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service (invalid pointer dereference) via crafted fragmented packets.

  • CVE-2011-1768Jun 13, 2012
    risk 0.00cvss epss 0.02

    The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading.

  • CVE-2011-1767Jun 13, 2012
    risk 0.00cvss epss 0.03

    net/ipv4/ip_gre.c in the Linux kernel before 2.6.34, when ip_gre is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading.

  • CVE-2011-1759Jun 13, 2012
    risk 0.00cvss epss 0.00

    Integer overflow in the sys_oabi_semtimedop function in arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 2.6.39 on the ARM platform, when CONFIG_OABI_COMPAT is enabled, allows local users to gain privileges or cause a denial of service (heap memory corruption) by…

  • CVE-2011-4080May 24, 2012
    risk 0.00cvss epss 0.00

    The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAP_SYS_ADMIN capability to modify the dmesg_restrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging…

  • CVE-2011-2521May 24, 2012
    risk 0.00cvss epss 0.00

    The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c in the Performance Events subsystem in the Linux kernel before 2.6.39 does not properly calculate counter values, which allows local users to cause a denial of service (panic) via the perf program.

  • CVE-2011-2518May 24, 2012
    risk 0.00cvss epss 0.00

    The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other…

  • CVE-2011-2517May 24, 2012
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value.

  • CVE-2012-2319May 17, 2012
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020.

  • CVE-2012-2123May 17, 2012
    risk 0.00cvss epss 0.00

    The cap_bprm_set_creds function in security/commoncap.c in the Linux kernel before 3.3.3 does not properly handle the use of file system capabilities (aka fcaps) for implementing a privileged executable file, which allows local users to bypass intended personality restrictions…

  • CVE-2012-2121May 17, 2012
    risk 0.00cvss epss 0.00

    The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to…

  • CVE-2012-1601May 17, 2012
    risk 0.00cvss epss 0.00

    The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.

  • CVE-2012-1179May 17, 2012
    risk 0.00cvss epss 0.01

    The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages.

  • CVE-2011-4611May 17, 2012
    risk 0.00cvss epss 0.00

    Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhandled performance monitor exception) via vectors that trigger certain outcomes of…

  • CVE-2011-4326May 17, 2012
    risk 0.00cvss epss 0.03

    The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge…

  • CVE-2011-4131May 17, 2012
    risk 0.00cvss epss 0.01

    The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.

  • CVE-2010-4563Feb 2, 2012
    risk 0.00cvss epss 0.03

    The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping.

  • CVE-2011-4330Jan 27, 2012
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in the hfs_mac2asc function in fs/hfs/trans.c in the Linux kernel 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via an HFS image with a crafted len field.

  • CVE-2011-4325Jan 27, 2012
    risk 0.00cvss epss 0.00

    The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain functions without properly initializing certain data, which allows local users to cause a denial of service (NULL pointer dereference and O_DIRECT oops), as demonstrated using diotest4 from LTP.

Page 735 of 768