Max CVSS | 7.8 | Min CVSS | 4.4 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-3547 | 6.9 |
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathna
|
15-02-2024 - 21:12 | 04-11-2009 - 15:30 | |
CVE-2009-2692 | 7.2 |
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using
|
08-02-2024 - 23:50 | 14-08-2009 - 15:16 | |
CVE-2009-2698 | 7.2 |
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vecto
|
28-12-2023 - 15:22 | 27-08-2009 - 17:30 | |
CVE-2009-1895 | 7.2 |
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to l
|
13-02-2023 - 02:20 | 16-07-2009 - 15:30 | |
CVE-2009-1385 | 7.8 |
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote a
|
13-02-2023 - 02:20 | 04-06-2009 - 16:30 | |
CVE-2009-2848 | 5.9 |
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone
|
28-08-2020 - 13:10 | 18-08-2009 - 21:00 | |
CVE-2009-3002 | 4.9 |
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to th
|
16-11-2018 - 15:43 | 28-08-2009 - 15:30 | |
CVE-2008-5300 | 4.9 |
Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulne
|
11-10-2018 - 20:54 | 01-12-2008 - 17:30 | |
CVE-2008-5029 | 4.9 |
The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors rela
|
11-10-2018 - 20:53 | 10-11-2008 - 16:15 | |
CVE-2009-1337 | 4.4 |
The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies
|
10-10-2018 - 19:36 | 22-04-2009 - 15:30 |