| Max CVSS | 7.8 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-4258 | 6.2 |
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain pri
|
13-02-2023 - 04:28 | 30-12-2010 - 19:00 | |
| CVE-2010-4158 | 2.1 |
The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users t
|
13-02-2023 - 04:27 | 30-12-2010 - 19:00 | |
| CVE-2010-4162 | 4.7 |
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
| CVE-2010-4163 | 4.7 |
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device.
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
| CVE-2010-4165 | 4.9 |
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small v
|
13-02-2023 - 04:27 | 22-11-2010 - 13:00 | |
| CVE-2010-4157 | 6.2 |
Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argu
|
13-02-2023 - 04:27 | 10-12-2010 - 19:00 | |
| CVE-2010-4160 | 6.9 |
Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to c
|
13-02-2023 - 04:27 | 07-01-2011 - 12:00 | |
| CVE-2010-4164 | 7.8 |
Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CL
|
13-02-2023 - 04:27 | 03-01-2011 - 20:00 | |
| CVE-2010-4169 | 4.9 |
Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call.
|
13-02-2023 - 04:27 | 22-11-2010 - 13:00 | |
| CVE-2010-3874 | 4.0 |
Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial
|
13-02-2023 - 04:27 | 29-12-2010 - 18:00 | |
| CVE-2010-3881 | 2.1 |
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.
|
13-02-2023 - 04:27 | 23-12-2010 - 18:00 | |
| CVE-2010-3861 | 2.1 |
The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command
|
13-02-2023 - 04:27 | 10-12-2010 - 19:00 | |
| CVE-2010-3437 | 6.6 |
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dere
|
13-02-2023 - 04:24 | 04-10-2010 - 21:00 | |
| CVE-2010-4083 | 1.9 |
The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3
|
14-08-2020 - 15:23 | 30-11-2010 - 22:14 | |
| CVE-2010-4072 | 1.9 |
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmct
|
14-08-2020 - 15:19 | 29-11-2010 - 16:00 | |
| CVE-2010-4082 | 1.9 |
The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack
|
13-08-2020 - 13:18 | 30-11-2010 - 22:14 | |
| CVE-2010-4073 | 1.9 |
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat
|
10-08-2020 - 19:44 | 29-11-2010 - 16:00 | |
| CVE-2010-4175 | 4.9 |
Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) in Linux kernel 2.6.35 allows local users to cause a denial of service (crash) and possibly trigger memory corruption via a crafted Reliable Datagram Sockets (RDS) request, a differ
|
17-08-2017 - 01:33 | 11-01-2011 - 03:00 |