Kernel

by Linux

CVEs (15,356)

  • CVE-2011-4132 (Jan 27, 2012)
    risk 0.00 cvss epss 0.00

    The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an "invalid log first block value."

  • CVE-2011-4110 (Jan 27, 2012)
    risk 0.00 cvss epss 0.00

    The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."

  • CVE-2011-4077 (Jan 27, 2012)
    risk 0.00 cvss epss 0.01

    Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing…

  • CVE-2011-2203 (Jan 27, 2012)
    risk 0.00 cvss epss 0.00

    The hfs_find_init function in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and Oops) by mounting an HFS file system with a malformed MDB extent record.

  • CVE-2011-1162 (Jan 27, 2012)
    risk 0.00 cvss epss 0.00

    The tpm_read function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command.

  • CVE-2011-1478 (Oct 23, 2011)
    risk 0.00 cvss epss 0.01

    The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference)…

  • CVE-2011-1076 (Oct 5, 2011)
    risk 0.00 cvss epss 0.01

    net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allows remote DNS servers to cause a denial of service (NULL pointer dereference and OOPS) by not providing a valid response to a DNS query, as demonstrated by an erroneous grand.centrall.org query, which triggers…

  • CVE-2011-2184 (Sep 6, 2011)
    risk 0.00 cvss epss 0.00

    The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified…

  • CVE-2011-2723 (Sep 6, 2011)
    risk 0.00 cvss epss 0.01

    The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted…

  • CVE-2011-2700 (Sep 6, 2011)
    risk 0.00 cvss epss 0.01

    Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls…

  • CVE-2011-1576 (Aug 31, 2011)
    risk 0.00 cvss epss 0.01

    The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of…

  • CVE-2011-2497 (Aug 29, 2011)
    risk 0.00 cvss epss 0.02

    Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the…

  • CVE-2011-2213 (Aug 29, 2011)
    risk 0.00 cvss epss 0.00

    The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink…

  • CVE-2011-2928 (Aug 29, 2011)
    risk 0.00 cvss epss 0.01

    The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a…

  • CVE-2011-2695 (Jul 28, 2011)
    risk 0.00 cvss epss 0.00

    Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest…

  • CVE-2011-2689 (Jul 28, 2011)
    risk 0.00 cvss epss 0.00

    The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups…

  • CVE-2011-2492 (Jul 28, 2011)
    risk 0.00 cvss epss 0.00

    The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the…

  • CVE-2011-1093 (Jul 18, 2011)
    risk 0.00 cvss epss 0.03

    The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL…

  • CVE-2011-0726 (Jul 18, 2011)
    risk 0.00 cvss epss 0.00

    The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for…

  • CVE-2011-2484 (Jun 24, 2011)
    risk 0.00 cvss epss 0.00

    The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted…
