Max CVSS | 8.3 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-3875 | 2.1 |
The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this str
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-3877 | 1.9 |
The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structur
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-3876 | 1.9 |
net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capabilit
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-3873 | 5.0 |
The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed (1)
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-4164 | 7.8 |
Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CL
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-3880 | 4.9 |
net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message t
|
13-02-2023 - 04:27 | 10-12-2010 - 19:00 | |
CVE-2010-3874 | 4.0 |
Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial
|
13-02-2023 - 04:27 | 29-12-2010 - 18:00 | |
CVE-2010-3858 | 4.9 |
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit pl
|
13-02-2023 - 04:26 | 30-11-2010 - 21:38 | |
CVE-2010-3849 | 4.7 |
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a N
|
13-02-2023 - 04:26 | 30-12-2010 - 19:00 | |
CVE-2010-3859 | 6.9 |
Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in ne
|
13-02-2023 - 04:26 | 29-12-2010 - 18:00 | |
CVE-2010-3850 | 2.1 |
The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR i
|
13-02-2023 - 04:26 | 30-12-2010 - 19:00 | |
CVE-2010-3848 | 6.9 |
Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures.
|
13-02-2023 - 04:26 | 30-12-2010 - 19:00 | |
CVE-2010-3705 | 8.3 |
The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a cr
|
13-02-2023 - 04:25 | 26-11-2010 - 20:00 | |
CVE-2010-3432 | 7.8 |
The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP
|
13-02-2023 - 04:24 | 22-11-2010 - 13:00 | |
CVE-2010-3437 | 6.6 |
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dere
|
13-02-2023 - 04:24 | 04-10-2010 - 21:00 | |
CVE-2010-3442 | 4.7 |
Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a
|
13-02-2023 - 04:24 | 04-10-2010 - 21:00 | |
CVE-2010-3448 | 4.9 |
drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 on ThinkPad devices, when the X.Org X server is used, does not properly restrict access to the video output control state, which allows local users to cause a denial of service (s
|
13-02-2023 - 04:24 | 03-01-2011 - 20:00 | |
CVE-2010-3310 | 1.9 |
Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function
|
13-02-2023 - 04:23 | 29-09-2010 - 17:00 | |
CVE-2010-3297 | 2.1 |
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL
|
13-02-2023 - 04:23 | 30-09-2010 - 15:00 | |
CVE-2010-3296 | 2.1 |
The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack
|
13-02-2023 - 04:22 | 30-09-2010 - 15:00 | |
CVE-2010-3067 | 4.9 |
Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.
|
13-02-2023 - 04:21 | 21-09-2010 - 18:00 | |
CVE-2010-4083 | 1.9 |
The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3
|
14-08-2020 - 15:23 | 30-11-2010 - 22:14 | |
CVE-2010-4072 | 1.9 |
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmct
|
14-08-2020 - 15:19 | 29-11-2010 - 16:00 | |
CVE-2010-2963 | 6.2 |
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kerne
|
14-08-2020 - 15:10 | 26-11-2010 - 19:00 | |
CVE-2010-3477 | 2.1 |
The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to o
|
14-08-2020 - 14:03 | 21-09-2010 - 20:00 | |
CVE-2010-4081 | 1.9 |
The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_
|
13-08-2020 - 13:15 | 30-11-2010 - 22:14 | |
CVE-2010-4078 | 1.9 |
The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via
|
13-08-2020 - 13:13 | 29-11-2010 - 16:00 | |
CVE-2010-4080 | 2.1 |
The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HD
|
12-08-2020 - 19:34 | 30-11-2010 - 22:14 | |
CVE-2010-4079 | 1.9 |
The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memor
|
12-08-2020 - 18:06 | 29-11-2010 - 16:00 | |
CVE-2010-4073 | 1.9 |
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat
|
10-08-2020 - 19:44 | 29-11-2010 - 16:00 | |
CVE-2010-4074 | 1.9 |
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl cal
|
10-08-2020 - 16:18 | 29-11-2010 - 16:00 |