- Home
- CVEs with nessus.description==Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :
- CVE-2011-2183 Andrea Righi reported an issue in KSM, a memory-saving de-duplication feature. By exploiting a race with exiting tasks, local users can cause a kernel oops, resulting in a denial of service.
- CVE-2011-2213 Dan Rosenberg discovered an issue in the INET socket monitoring interface. Local users could cause a denial of service by injecting code and causing the kernel to execute an infinite loop.
- CVE-2011-2898 Eric Dumazet reported an information leak in the raw packet socket implementation.
- CVE-2011-3353 Han-Wen Nienhuys reported a local denial of service issue in the FUSE (Filesystem in Userspace) support in the Linux kernel. Local users could cause a buffer overflow, leading to a kernel oops and resulting in a denial of service.
- CVE-2011-4077 Carlos Maiolino reported an issue in the XFS filesystem.
A local user with the ability to mount a filesystem could corrupt memory resulting in a denial of service or possibly gain elevated privileges.
- CVE-2011-4110 David Howells reported an issue in the kernel's access key retention system which allow local users to cause a kernel oops leading to a denial of service.
- CVE-2011-4127 Paolo Bonzini of Red Hat reported an issue in the ioctl passthrough support for SCSI devices. Users with permission to access restricted portions of a device (e.g. a partition or a logical volume) can obtain access to the entire device by way of the SG_IO ioctl. This could be exploited by a local user or privileged VM guest to achieve a privilege escalation.
- CVE-2011-4611 Maynard Johnson reported an issue with the perf support on POWER7 systems that allows local users to cause a denial of service.
- CVE-2011-4622 Jan Kiszka reported an issue in the KVM PIT timer support. Local users with the permission to use KVM can cause a denial of service by starting a PIT timer without first setting up the irqchip.
- CVE-2011-4914 Ben Hutchings reported various bounds checking issues within the ROSE protocol support in the kernel. Remote users could possibly use this to gain access to sensitive memory or cause a denial of service.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top