Vulnerabilities > Linux > Linux Kernel > 2.1.3

DATE CVE VULNERABILITY TITLE RISK
2010-01-12 CVE-2009-4537 Improper Input Validation vulnerability in Linux Kernel
drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register.
network
low complexity
linux debian CWE-20
7.8
2010-01-12 CVE-2009-4536 Numeric Errors vulnerability in Linux Kernel
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload.
network
low complexity
linux debian CWE-189
7.8
2009-11-20 CVE-2009-4004 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc7 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a KVM_X86_SETUP_MCE IOCTL request that specifies a large number of Machine Check Exception (MCE) banks.
local
low complexity
linux CWE-119
7.8
2009-11-16 CVE-2009-3939 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
7.1
2009-11-06 CVE-2009-3725 Permissions, Privileges, and Access Controls vulnerability in Linux Kernel
The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges via calls to functions in these subsystems.
local
low complexity
linux canonical CWE-264
7.2
2009-11-04 CVE-2009-3547 Operation on a Resource after Expiration or Release vulnerability in multiple products
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
7.0
2009-10-22 CVE-2009-3621 Resource Exhaustion vulnerability in multiple products
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.
5.5
2009-10-22 CVE-2009-3620 Use of Uninitialized Resource vulnerability in multiple products
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.
7.8
2009-09-18 CVE-2009-3238 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."
local
low complexity
linux canonical opensuse suse CWE-338
5.5
2009-08-27 CVE-2009-2698 NULL Pointer Dereference vulnerability in multiple products
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
7.8