Vulnerabilities > Linux > Linux Kernel > 2.6.24

DATE CVE VULNERABILITY TITLE RISK
2011-05-26 CVE-2010-4251 Resource Exhaustion vulnerability in multiple products
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.
network
low complexity
linux vmware redhat CWE-400
7.5
2011-05-03 CVE-2011-1577 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel
Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.
local
low complexity
linux CWE-119
4.9
2011-04-04 CVE-2011-1083 Resource Exhaustion vulnerability in multiple products
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
local
low complexity
linux suse redhat CWE-400
4.9
2011-03-15 CVE-2011-0695 Race Condition vulnerability in multiple products
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
5.7
2011-03-01 CVE-2011-1017 Out-Of-Bounds Write vulnerability in multiple products
Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table.
local
low complexity
linux canonical CWE-787
7.2
2011-02-28 CVE-2011-1020 Information Exposure vulnerability in Linux Kernel
The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls.
local
low complexity
linux CWE-200
4.6
2011-02-18 CVE-2011-0709 NULL Pointer Dereference vulnerability in Linux Kernel
The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table.
network
low complexity
linux CWE-476
7.5
2010-12-29 CVE-2010-4565 Information Exposure vulnerability in Linux Kernel
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename.
local
low complexity
linux CWE-200
2.1
2010-12-29 CVE-2010-4343 Improper Initialization vulnerability in multiple products
drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file.
local
low complexity
linux vmware CWE-665
5.5
2010-12-06 CVE-2010-3904 Improper Validation of Specified Quantity in Input vulnerability in multiple products
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
7.8