Vulnerabilities > Linux > Linux Kernel > 2.6.25.10

DATE CVE VULNERABILITY TITLE RISK
2009-11-16 CVE-2009-3939 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
7.1
2009-11-04 CVE-2009-3547 Operation on a Resource after Expiration or Release vulnerability in multiple products
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
7.0
2009-10-22 CVE-2009-3621 Resource Exhaustion vulnerability in multiple products
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.
5.5
2009-10-22 CVE-2009-3620 Use of Uninitialized Resource vulnerability in multiple products
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.
7.8
2009-09-18 CVE-2009-3238 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."
local
low complexity
linux canonical opensuse suse CWE-338
5.5
2009-08-14 CVE-2009-2768 NULL Pointer Dereference vulnerability in Linux Kernel
The load_flat_shared_library function in fs/binfmt_flat.c in the flat subsystem in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by executing a shared flat binary, which triggers an access of an "uninitialized cred pointer."
local
low complexity
linux CWE-476
7.8
2009-08-14 CVE-2009-2692 Use of Uninitialized Resource vulnerability in multiple products
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
local
low complexity
linux debian suse redhat CWE-908
7.8
2009-04-06 CVE-2009-1243 Improper Locking vulnerability in Linux Kernel
net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocking step in certain incorrect circumstances, which allows local users to cause a denial of service (panic) by reading zero bytes from the /proc/net/udp file and unspecified other files, related to the "udp seq_file infrastructure."
local
low complexity
linux CWE-667
5.5
2008-08-12 CVE-2008-3275 Classic Buffer Overflow vulnerability in multiple products
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.
local
low complexity
linux debian canonical suse CWE-120
5.5