Vulnerabilities > Linux > Linux Kernel > 2.6.33.19

DATE CVE VULNERABILITY TITLE RISK
2010-09-21 CVE-2010-3078 Information Exposure vulnerability in multiple products
The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call.
local
low complexity
linux opensuse suse canonical vmware CWE-200
5.5
2010-09-21 CVE-2010-2942 Memory Leak vulnerability in multiple products
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.
5.5
2010-09-08 CVE-2010-2960 Null Pointer Dereference vulnerability in multiple products
The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function.
local
low complexity
linux canonical suse CWE-476
7.2
2010-09-08 CVE-2010-2798 NULL Pointer Dereference vulnerability in multiple products
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.
7.8
2010-09-08 CVE-2010-2524 The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals.
local
low complexity
linux vmware canonical suse
7.8
2010-09-08 CVE-2010-2492 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.
local
low complexity
linux vmware avaya CWE-120
7.8
2010-09-08 CVE-2010-2066 The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.
local
low complexity
linux vmware canonical suse
5.5
2010-05-07 CVE-2010-1437 Use After Free vulnerability in multiple products
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.
local
high complexity
linux opensuse suse debian CWE-416
7.0
2006-07-05 CVE-2006-2935 Classic Buffer Overflow vulnerability in multiple products
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.
local
low complexity
linux debian canonical CWE-120
4.6