Vulnerabilities > Linux > Linux Kernel > 2.1.44

DATE CVE VULNERABILITY TITLE RISK
2008-07-09 CVE-2008-2812 NULL Pointer Dereference vulnerability in multiple products
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.
7.8
2008-02-08 CVE-2008-0007 Resource Management Errors vulnerability in Linux Kernel
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
local
low complexity
linux CWE-399
7.2
2007-09-14 CVE-2007-3740 Permissions, Privileges, and Access Controls vulnerability in Linux Kernel
The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges.
local
linux CWE-264
4.4
2007-08-14 CVE-2007-3848 Unspecified vulnerability in Linux Kernel
Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG).
local
linux
1.9
2007-08-13 CVE-2007-3851 Resource Management Errors vulnerability in Linux Kernel
The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer.
local
high complexity
linux intel CWE-399
6.0
2007-07-10 CVE-2007-3107 Local Denial of Service vulnerability in Linux PowerPC Kernel Restore_Sigcontext
The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clearing of MSR bits.
local
low complexity
linux
2.1
2007-06-11 CVE-2007-2875 Numeric Errors vulnerability in Linux Kernel
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.
local
low complexity
linux debian canonical CWE-189
2.1
2007-05-07 CVE-2007-1861 Resource Management Errors vulnerability in Linux Kernel
The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow.
local
low complexity
linux CWE-399
4.9
2007-04-24 CVE-2007-1353 Information Disclosure vulnerability in Linux Kernel L2CAP and HCI Setsockopt Memory Leak
The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function accessing an uninitialized stack buffer.
local
low complexity
linux
2.1
2007-04-11 CVE-2007-1357 Denial Of Service vulnerability in Linux Kernel AppleTalk ATalk_Sum_SKB Function
The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum.
network
low complexity
linux
7.8