VYPR

Kernel

by Linux

Source repositories

CVEs (15,353)

  • CVE-2009-0269Jan 26, 2009
    risk 0.00cvss epss 0.01

    fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return…

  • CVE-2009-0031Jan 21, 2009
    risk 0.00cvss epss 0.00

    Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."

  • CVE-2009-0029Jan 15, 2009
    risk 0.00cvss epss 0.00

    The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a…

  • CVE-2009-0024Jan 13, 2009
    risk 0.00cvss epss 0.00

    The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local users to cause a denial of service or gain privileges via unspecified vectors, related to the vm_file structure member, and the mmap_region and do_munmap functions.

  • CVE-2008-4307Jan 13, 2009
    risk 0.00cvss epss 0.00

    Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between…

  • CVE-2008-5702Dec 22, 2008
    risk 0.00cvss epss 0.00

    Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.

  • CVE-2008-5701Dec 22, 2008
    risk 0.00cvss epss 0.00

    Array index error in arch/mips/kernel/scall64-o32.S in the Linux kernel before 2.6.28-rc8 on 64-bit MIPS platforms allows local users to cause a denial of service (system crash) via an o32 syscall with a small syscall number, which leads to an attempted read operation outside…

  • CVE-2008-5700Dec 22, 2008
    risk 0.00cvss epss 0.00

    libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.

  • CVE-2008-5395Dec 9, 2008
    risk 0.00cvss epss 0.00

    The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses.

  • CVE-2008-5300Dec 1, 2008
    risk 0.00cvss epss 0.00

    Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.

  • CVE-2008-5182Nov 21, 2008
    risk 0.00cvss epss 0.00

    The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.

  • CVE-2008-5134Nov 18, 2008
    risk 0.00cvss epss 0.05

    Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response."

  • CVE-2008-5025Nov 17, 2008
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a…

  • CVE-2008-5033Nov 10, 2008
    risk 0.00cvss epss 0.03

    The chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service (NULL function pointer dereference and OOPS) via unknown vectors.

  • CVE-2008-5029Nov 10, 2008
    risk 0.00cvss epss 0.01

    The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS…

  • CVE-2008-4395Nov 6, 2008
    risk 0.00cvss epss 0.02

    Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.

  • CVE-2008-4934Nov 5, 2008
    risk 0.00cvss epss 0.03

    The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows attackers to cause a denial of service (system crash) via a crafted…

  • CVE-2008-4933Nov 5, 2008
    risk 0.00cvss epss 0.03

    Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to…

  • CVE-2008-3527Nov 5, 2008
    risk 0.00cvss epss 0.00

    arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the…

  • CVE-2008-4618Oct 21, 2008
    risk 0.00cvss epss 0.03

    The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via unspecified vectors, related…

Page 747 of 768