VYPR

Linux Kernel

by Ubuntu

Source repositories

CVEs (1,433)

  • CVE-2011-2209Jun 13, 2012
    risk 0.00cvss epss 0.00

    Integer signedness error in the osf_sysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.

  • CVE-2011-1172Jun 22, 2011
    risk 0.00cvss epss 0.00

    net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from…

  • CVE-2010-4263Jan 18, 2011
    risk 0.00cvss epss 0.03

    The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to…

  • CVE-2010-4668Jan 3, 2011
    risk 0.00cvss epss 0.00

    The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists…

  • CVE-2010-4342Dec 30, 2010
    risk 0.00cvss epss 0.04

    The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP.

  • CVE-2010-3297Sep 30, 2010
    risk 0.00cvss epss 0.00

    The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.

  • CVE-2009-3556Jan 27, 2010
    risk 0.00cvss epss 0.00

    A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under…

  • CVE-2009-4537Jan 12, 2010
    risk 0.00cvss epss 0.06

    drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted…

  • CVE-2009-4307Dec 13, 2009
    risk 0.00cvss epss 0.03

    The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 2.6.32-git6 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size…

  • CVE-2009-4306Dec 13, 2009
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel 2.6.32-git6 and earlier allows local users to cause a denial of service (filesystem corruption) via unknown vectors, a different vulnerability…

  • CVE-2009-3080Nov 20, 2009
    risk 0.00cvss epss 0.00

    Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.

  • CVE-2008-4395Nov 6, 2008
    risk 0.00cvss epss 0.02

    Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.

  • CVE-2007-2172Apr 22, 2007
    risk 0.00cvss epss 0.00

    A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.

  • CVE-2006-5753Jan 30, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.

  • CVE-2006-6304Dec 14, 2006
    risk 0.00cvss epss 0.02

    The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to O_EXCL but does not use it, which allows context-dependent attackers to modify arbitrary files via a rewrite attack during a core dump.

  • CVE-2006-6333Dec 6, 2006
    risk 0.00cvss epss 0.03

    The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the wrong flag to the ip_summed field, which allows remote attackers to cause a denial of service (memory corruption) via crafted packets that cause the kernel to interpret another field as an offset.

  • CVE-2006-4572Nov 7, 2006
    risk 0.00cvss epss 0.04

    ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka "ip6_tables protocol bypass bug;" and (2) bypass a…

  • CVE-2006-5619Oct 31, 2006
    risk 0.00cvss epss 0.00

    The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels.

  • CVE-2006-3745Aug 23, 2006
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors.

  • CVE-2006-3085Jun 23, 2006
    risk 0.00cvss epss 0.03

    xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length.