Vulnerabilities > Linux > Linux Kernel > 2.6.27.20
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-05-17 | CVE-2012-0044 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call. | 7.8 |
2012-05-17 | CVE-2012-0038 | Integer Overflow or Wraparound vulnerability in Linux Kernel Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow. | 5.5 |
2012-05-17 | CVE-2011-4621 | Infinite Loop vulnerability in Linux Kernel The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop. | 5.5 |
2012-05-17 | CVE-2011-4594 | NULL Pointer Dereference vulnerability in Linux Kernel The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference. | 5.5 |
2012-05-17 | CVE-2011-4112 | The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction with a bridge device for a VLAN interface. | 5.5 |
2012-05-17 | CVE-2011-3637 | NULL Pointer Dereference vulnerability in multiple products The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error. | 5.5 |
2012-02-02 | CVE-2011-2525 | NULL Pointer Dereference vulnerability in multiple products The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call. | 7.8 |
2012-02-02 | CVE-2011-1573 | Incorrect Calculation vulnerability in Linux Kernel net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data. | 5.9 |
2011-10-10 | CVE-2011-2189 | Resource Exhaustion vulnerability in multiple products net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd. | 7.5 |
2011-09-06 | CVE-2011-1776 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. | 6.1 |