Vulnerabilities > Linux > Linux Kernel > 2.6.27.53

DATE CVE VULNERABILITY TITLE RISK
2011-03-15 CVE-2011-0695 Race Condition vulnerability in multiple products
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
5.7
2011-03-01 CVE-2011-1017 Out-Of-Bounds Write vulnerability in multiple products
Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table.
local
low complexity
linux canonical CWE-787
7.2
2011-02-28 CVE-2011-1020 Information Exposure vulnerability in Linux Kernel
The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls.
local
low complexity
linux CWE-200
4.6
2011-02-18 CVE-2011-0709 NULL Pointer Dereference vulnerability in Linux Kernel
The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table.
network
low complexity
linux CWE-476
7.5
2010-12-29 CVE-2010-4565 Information Exposure vulnerability in Linux Kernel
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename.
local
low complexity
linux CWE-200
2.1
2010-12-29 CVE-2010-4343 Improper Initialization vulnerability in multiple products
drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file.
local
low complexity
linux vmware CWE-665
5.5
2010-12-06 CVE-2010-3904 Improper Validation of Specified Quantity in Input vulnerability in multiple products
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
7.8
2010-09-30 CVE-2010-3079 NULL Pointer Dereference vulnerability in multiple products
kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an lseek call on a file descriptor associated with the set_ftrace_filter file.
local
low complexity
linux canonical suse CWE-476
5.5
2010-09-30 CVE-2010-2943 Information Exposure vulnerability in multiple products
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
network
low complexity
linux canonical vmware avaya CWE-200
8.1
2010-09-30 CVE-2010-2538 Information Exposure vulnerability in multiple products
Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.
local
low complexity
linux canonical suse CWE-200
5.5