Kernel
by Linux
Source repositories
CVEs (15,797)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-1675 | 0.00 | — | 0.01 | May 2, 2008 | The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory. | |||
| CVE-2008-1375 | 0.00 | — | 0.00 | May 2, 2008 | Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors. | |||
| CVE-2008-1294 | 0.00 | — | 0.01 | May 2, 2008 | Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits. | |||
| CVE-2007-6712 | 0.00 | — | 0.00 | Apr 12, 2008 | Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired. | |||
| CVE-2008-1514 | 0.00 | — | 0.01 | Mar 26, 2008 | arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions before 2.6.27-rc6, on s390 platforms allows local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference. | |||
| CVE-2008-1367 | 0.00 | — | 0.03 | Mar 17, 2008 | gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong… | |||
| CVE-2008-0163 | 0.00 | — | 0.00 | Feb 12, 2008 | Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc. | |||
| CVE-2008-0731 | 0.00 | — | 0.01 | Feb 12, 2008 | The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task. | |||
| CVE-2008-0007 | 0.00 | — | 0.00 | Feb 8, 2008 | Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset. | |||
| CVE-2007-4130 | 0.00 | — | 0.00 | Feb 5, 2008 | The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND… | |||
| CVE-2007-4998 | 0.00 | — | 0.00 | Jan 31, 2008 | cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination. | |||
| CVE-2007-6694 | 0.00 | — | 0.03 | Jan 29, 2008 | The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer… | |||
| CVE-2008-0001 | 0.00 | — | 0.00 | Jan 15, 2008 | VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories. | |||
| CVE-2007-5966 | 0.00 | — | 0.00 | Dec 20, 2007 | Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third… | |||
| CVE-2007-6434 | 0.00 | — | 0.00 | Dec 18, 2007 | Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk function. | |||
| CVE-2007-6417 | 0.00 | — | 0.00 | Dec 18, 2007 | The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash). | |||
| CVE-2007-6151 | 0.00 | — | 0.01 | Dec 15, 2007 | The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow. | |||
| CVE-2007-6206 | 0.00 | — | 0.00 | Dec 4, 2007 | The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain… | |||
| CVE-2007-6063 | 0.00 | — | 0.00 | Nov 21, 2007 | Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function. | |||
| CVE-2007-5500 | 0.00 | — | 0.00 | Nov 20, 2007 | The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party… |
- CVE-2008-1675May 2, 2008risk 0.00cvss —epss 0.01
The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.
- CVE-2008-1375May 2, 2008risk 0.00cvss —epss 0.00
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
- CVE-2008-1294May 2, 2008risk 0.00cvss —epss 0.01
Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits.
- CVE-2007-6712Apr 12, 2008risk 0.00cvss —epss 0.00
Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired.
- CVE-2008-1514Mar 26, 2008risk 0.00cvss —epss 0.01
arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions before 2.6.27-rc6, on s390 platforms allows local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference.
- CVE-2008-1367Mar 17, 2008risk 0.00cvss —epss 0.03
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong…
- CVE-2008-0163Feb 12, 2008risk 0.00cvss —epss 0.00
Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.
- CVE-2008-0731Feb 12, 2008risk 0.00cvss —epss 0.01
The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task.
- CVE-2008-0007Feb 8, 2008risk 0.00cvss —epss 0.00
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
- CVE-2007-4130Feb 5, 2008risk 0.00cvss —epss 0.00
The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND…
- CVE-2007-4998Jan 31, 2008risk 0.00cvss —epss 0.00
cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.
- CVE-2007-6694Jan 29, 2008risk 0.00cvss —epss 0.03
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer…
- CVE-2008-0001Jan 15, 2008risk 0.00cvss —epss 0.00
VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories.
- CVE-2007-5966Dec 20, 2007risk 0.00cvss —epss 0.00
Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third…
- CVE-2007-6434Dec 18, 2007risk 0.00cvss —epss 0.00
Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk function.
- CVE-2007-6417Dec 18, 2007risk 0.00cvss —epss 0.00
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).
- CVE-2007-6151Dec 15, 2007risk 0.00cvss —epss 0.01
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow.
- CVE-2007-6206Dec 4, 2007risk 0.00cvss —epss 0.00
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain…
- CVE-2007-6063Nov 21, 2007risk 0.00cvss —epss 0.00
Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function.
- CVE-2007-5500Nov 20, 2007risk 0.00cvss —epss 0.00
The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party…
Page 772 of 790