Max CVSS | 8.3 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-4258 | 6.2 |
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain pri
|
13-02-2023 - 04:28 | 30-12-2010 - 19:00 | |
CVE-2010-4248 | 4.9 |
Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers
|
13-02-2023 - 04:28 | 30-11-2010 - 21:38 | |
CVE-2010-4346 | 2.1 |
The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL point
|
13-02-2023 - 04:28 | 22-12-2010 - 21:00 | |
CVE-2010-4158 | 2.1 |
The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users t
|
13-02-2023 - 04:27 | 30-12-2010 - 19:00 | |
CVE-2010-4162 | 4.7 |
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-3875 | 2.1 |
The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this str
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-4163 | 4.7 |
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device.
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-3877 | 1.9 |
The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structur
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-4165 | 4.9 |
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small v
|
13-02-2023 - 04:27 | 22-11-2010 - 13:00 | |
CVE-2010-3873 | 5.0 |
The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed (1)
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-4164 | 7.8 |
Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CL
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
CVE-2010-3874 | 4.0 |
Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial
|
13-02-2023 - 04:27 | 29-12-2010 - 18:00 | |
CVE-2010-3859 | 6.9 |
Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in ne
|
13-02-2023 - 04:26 | 29-12-2010 - 18:00 | |
CVE-2010-3698 | 4.9 |
The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local D
|
13-02-2023 - 04:25 | 26-11-2010 - 19:00 | |
CVE-2010-3705 | 8.3 |
The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a cr
|
13-02-2023 - 04:25 | 26-11-2010 - 20:00 | |
CVE-2010-3437 | 6.6 |
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dere
|
13-02-2023 - 04:24 | 04-10-2010 - 21:00 | |
CVE-2010-3310 | 1.9 |
Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function
|
13-02-2023 - 04:23 | 29-09-2010 - 17:00 | |
CVE-2010-3067 | 4.9 |
Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.
|
13-02-2023 - 04:21 | 21-09-2010 - 18:00 | |
CVE-2009-2406 | 6.9 |
Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vec
|
13-02-2023 - 02:20 | 31-07-2009 - 19:00 | |
CVE-2010-4072 | 1.9 |
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmct
|
14-08-2020 - 15:19 | 29-11-2010 - 16:00 | |
CVE-2010-4565 | 2.1 |
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, wh
|
10-08-2020 - 19:56 | 29-12-2010 - 18:00 | |
CVE-2010-4073 | 1.9 |
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat
|
10-08-2020 - 19:44 | 29-11-2010 - 16:00 | |
CVE-2010-3015 | 4.7 |
Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operation on the last block of a large file, followed by a
|
10-10-2018 - 20:00 | 20-08-2010 - 18:00 | |
CVE-2009-4307 | 7.1 |
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 2.6.32-git6 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block wi
|
19-09-2017 - 01:29 | 13-12-2009 - 01:30 |