- Home
- CVEs with nessus.description==The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security fixes :
- The maximum file offset handling for ext4 file systems
could allow a local, unprivileged user to cause a denial
of service. (CVE-2011-2695, Important)
- IPv6 fragment identification value generation could
allow a remote attacker to disrupt a target system's
networking, preventing legitimate users from accessing
its services. (CVE-2011-2699, Important)
- A malicious CIFS (Common Internet File System) server
could send a specially crafted response to a directory
read request that would result in a denial of service or
privilege escalation on a system that has a CIFS share
mounted. (CVE-2011-3191, Important)
- A local attacker could use mount.ecryptfs_private to
mount (and then access) a directory they would otherwise
not have access to. Note: To correct this issue, a
ecryptfs-utils update must also be installed.
(CVE-2011-1833, Moderate)
- A flaw in the taskstats subsystem could allow a local,
unprivileged user to cause excessive CPU time and memory
use. (CVE-2011-2484, Moderate)
- Mapping expansion handling could allow a local,
unprivileged user to cause a denial of service.
(CVE-2011-2496, Moderate)
- GRO (Generic Receive Offload) fields could be left in an
inconsistent state. An attacker on the local network
could use this flaw to cause a denial of service. GRO is
enabled by default in all network drivers that support
it. (CVE-2011-2723, Moderate)
- A previous update introduced a regression in the
Ethernet bridge implementation. If a system had an
interface in a bridge, and an attacker on the local
network could send packets to that interface, they could
cause a denial of service on that system. Xen hypervisor
and KVM (Kernel-based Virtual Machine) hosts often
deploy bridge interfaces. (CVE-2011-2942, Moderate)
- A flaw in the Xen hypervisor IOMMU error handling
implementation could allow a privileged guest user,
within a guest operating system that has direct control
of a PCI device, to cause performance degradation on the
host and possibly cause it to hang. (CVE-2011-3131,
Moderate)
- IPv4 and IPv6 protocol sequence number and fragment ID
generation could allow a man-in-the-middle attacker to
inject packets and possibly hijack connections. Protocol
sequence number and fragment IDs are now more random.
(CVE-2011-3188, Moderate)
- A flaw in the kernel's clock implementation could allow
a local, unprivileged user to cause a denial of service.
(CVE-2011-3209, Moderate)
- Non-member VLAN (virtual LAN) packet handling for
interfaces in promiscuous mode and also using the be2net
driver could allow an attacker on the local network to
cause a denial of service. (CVE-2011-3347, Moderate)
- A flaw in the auerswald USB driver could allow a local,
unprivileged user to cause a denial of service or
escalate their privileges by inserting a specially
crafted USB device. (CVE-2009-4067, Low)
- A flaw in the Trusted Platform Module (TPM)
implementation could allow a local, unprivileged user to
leak information to user space. (CVE-2011-1160, Low)
- A local, unprivileged user could possibly mount a CIFS
share that requires authentication without knowing the
correct password if the mount was already mounted by
another local user. (CVE-2011-1585, Low)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top