Max CVSS 10.0 Min CVSS 1.9 Total Count24
IDCVSSSummaryLast (major) updatePublished
CVE-2009-1046 4.7
The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a sma
31-05-2016 - 11:08 23-03-2009 - 12:30
CVE-2009-1192 4.9
The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows
25-08-2013 - 02:00 24-04-2009 - 11:30
CVE-2009-0028 2.1
The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting thi
01-08-2013 - 02:03 27-02-2009 - 12:30
CVE-2009-0745 4.9
The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not properly initialize the group descriptor during a resize (aka resize2fs) operation, which might allow local users to cause
22-01-2013 - 23:13 27-02-2009 - 12:30
CVE-2009-0676 2.1
The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt
12-04-2012 - 00:00 22-02-2009 - 17:30
CVE-2009-1265 5.0
Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.
23-03-2012 - 00:00 07-04-2009 - 21:30
CVE-2009-0859 4.7
The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_IN
22-03-2012 - 00:00 09-03-2009 - 17:30
CVE-2009-1439 7.8
Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.
19-03-2012 - 00:00 27-04-2009 - 14:00
CVE-2009-1338 4.6
The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary
19-03-2012 - 00:00 22-04-2009 - 11:30
CVE-2009-1337 4.4
The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies
19-03-2012 - 00:00 22-04-2009 - 11:30
CVE-2009-1242 4.9
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode e
19-03-2012 - 00:00 06-04-2009 - 10:30
CVE-2009-0834 3.6
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass
19-03-2012 - 00:00 06-03-2009 - 06:30
CVE-2009-0675 2.1
The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset t
19-03-2012 - 00:00 22-02-2009 - 17:30
CVE-2009-0322 4.9
drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size
19-03-2012 - 00:00 28-01-2009 - 13:30
CVE-2009-0269 4.9
fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, l
19-03-2012 - 00:00 26-01-2009 - 10:30
CVE-2009-0065 10.0
Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large
19-03-2012 - 00:00 07-01-2009 - 14:30
CVE-2009-0031 4.9
Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."
19-03-2012 - 00:00 20-01-2009 - 21:30
CVE-2009-0029 7.2
The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which
19-03-2012 - 00:00 15-01-2009 - 12:30
CVE-2008-5702 7.2
Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.
19-03-2012 - 00:00 22-12-2008 - 10:30
CVE-2008-5701 4.7
Array index error in arch/mips/kernel/scall64-o32.S in the Linux kernel before 2.6.28-rc8 on 64-bit MIPS platforms allows local users to cause a denial of service (system crash) via an o32 syscall with a small syscall number, which leads to an attemp
19-03-2012 - 00:00 22-12-2008 - 10:30
CVE-2008-5700 1.9
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.
19-03-2012 - 00:00 22-12-2008 - 10:30
CVE-2008-5395 4.9
The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains usersp
19-03-2012 - 00:00 08-12-2008 - 19:30
CVE-2008-5079 4.9
net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, relat
19-03-2012 - 00:00 08-12-2008 - 19:30
CVE-2008-4307 4.0
Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improp
19-03-2012 - 00:00 13-01-2009 - 12:00
Back to Top Mark selected
Back to Top