Vulnerabilities > Linux > Linux Kernel > 2.6.23.rc1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-27 | CVE-2009-0028 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit. | 2.1 |
| 2009-02-10 | CVE-2008-6107 | Resource Management Errors vulnerability in Linux Kernel The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the (3) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel before 2.6.25.4, omit some virtual-address range (aka span) checks when the mremap MREMAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mremap calls, a related issue to CVE-2008-2137. | 4.9 |
| 2008-12-09 | CVE-2008-5079 | Resource Management Errors vulnerability in Linux Kernel net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table. | 4.9 |
| 2008-11-21 | CVE-2008-5182 | Race Condition vulnerability in Linux Kernel The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount. | 6.9 |
| 2008-11-10 | CVE-2008-5029 | Local Denial of Service vulnerability in Linux Kernel '__scm_destroy()' The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. | 4.9 |
| 2008-10-15 | CVE-2008-4576 | Improper Authentication vulnerability in Linux Kernel sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires. | 7.8 |