Vulnerabilities > Linux > Linux Kernel > 2.6.16.33

DATE CVE VULNERABILITY TITLE RISK
2013-06-08 CVE-2011-2482 NULL Pointer Dereference vulnerability in Linux Kernel
A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet.
network
low complexity
linux CWE-476
7.5
2013-06-08 CVE-2011-1180 Out-of-bounds Write vulnerability in Linux Kernel
Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared network and sending a large integer value for a (1) name length or (2) attribute length.
network
low complexity
linux CWE-787
critical
9.8
2013-06-07 CVE-2013-2128 Resource Exhaustion vulnerability in Linux Kernel
The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.
local
low complexity
linux CWE-400
5.5
2013-04-13 CVE-2013-2596 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
local
low complexity
linux motorola CWE-190
7.8
2013-03-01 CVE-2011-2479 Resource Management Errors vulnerability in Linux Kernel
The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAP_PRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service (system crash) via a crafted application.
local
low complexity
linux CWE-399
5.5
2012-10-03 CVE-2012-3552 Race Condition vulnerability in multiple products
Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic.
network
high complexity
linux redhat CWE-362
5.9
2012-05-24 CVE-2011-4081 NULL Pointer Dereference vulnerability in Linux Kernel
crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket.
local
low complexity
linux CWE-476
5.5
2012-05-24 CVE-2011-3363 Improper Input Validation vulnerability in multiple products
The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share.
low complexity
linux redhat CWE-20
6.5
2012-05-24 CVE-2011-3359 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system crash) via a crafted frame.
network
low complexity
linux CWE-119
7.5
2012-05-24 CVE-2011-3353 Classic Buffer Overflow vulnerability in Linux Kernel
Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the ability to mount a FUSE filesystem.
local
low complexity
linux CWE-120
5.5