Max CVSS 9.3 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-3535 4.9
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrate
30-10-2018 - 16:25 08-08-2008 - 19:41
CVE-2008-3534 4.9
The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as d
30-10-2018 - 16:25 08-08-2008 - 19:41
CVE-2008-2931 6.9
The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of
30-10-2018 - 16:25 09-07-2008 - 18:41
CVE-2008-1294 2.1
Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits.
30-10-2018 - 16:25 02-05-2008 - 16:05
CVE-2007-6417 7.2
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of servi
30-10-2018 - 16:25 18-12-2007 - 00:46
CVE-2008-4113 4.7
The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit
11-10-2018 - 20:50 16-09-2008 - 23:00
CVE-2008-3792 7.1
net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to
11-10-2018 - 20:49 03-09-2008 - 14:12
CVE-2008-4302 4.9
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a deni
29-09-2017 - 01:32 29-09-2008 - 17:17
CVE-2008-3833 4.9
The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain s
29-09-2017 - 01:31 03-10-2008 - 17:41
CVE-2008-3527 4.6
arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vec
29-09-2017 - 01:31 05-11-2008 - 15:00
CVE-2008-2358 7.2
Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature leng
29-09-2017 - 01:31 10-06-2008 - 00:32
CVE-2008-3915 9.3
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.
08-08-2017 - 01:32 11-09-2008 - 01:13
CVE-2008-3526 7.8
Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (pan
08-08-2017 - 01:31 27-08-2008 - 20:41
CVE-2008-4445 4.7
The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within
30-10-2012 - 03:17 06-10-2008 - 19:54
Back to Top Mark selected
Back to Top