Vulnerabilities > Linux > Linux Kernel > 2.6.34.10

DATE CVE VULNERABILITY TITLE RISK
2010-09-08 CVE-2010-2960 Null Pointer Dereference vulnerability in multiple products
The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function.
local
low complexity
linux canonical suse CWE-476
7.2
2010-09-08 CVE-2010-2798 NULL Pointer Dereference vulnerability in multiple products
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.
7.8
2010-09-08 CVE-2010-2524 The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals.
local
low complexity
linux vmware canonical suse
7.8
2010-09-08 CVE-2010-2492 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.
local
low complexity
linux vmware avaya CWE-120
7.8
2010-09-08 CVE-2010-2066 The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.
local
low complexity
linux vmware canonical suse
5.5
2006-07-05 CVE-2006-2935 Classic Buffer Overflow vulnerability in multiple products
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.
local
low complexity
linux debian canonical CWE-120
4.6