Vulnerabilities > Linux > Linux Kernel > 2.6.35.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-13 | CVE-2014-7970 | Resource Exhaustion vulnerability in multiple products The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . | 5.5 |
| 2013-07-16 | CVE-2013-1943 | Improper Input Validation vulnerability in multiple products The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c. | 7.8 |
| 2013-06-08 | CVE-2011-4087 | Improper Initialization vulnerability in Linux Kernel The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an Ethernet bridge device. | 7.5 |
| 2013-06-08 | CVE-2011-1180 | Out-of-bounds Write vulnerability in Linux Kernel Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared network and sending a large integer value for a (1) name length or (2) attribute length. | 9.8 |
| 2013-04-13 | CVE-2013-2596 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program. | 7.8 |
| 2013-03-01 | CVE-2011-2479 | Resource Management Errors vulnerability in Linux Kernel The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAP_PRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service (system crash) via a crafted application. | 5.5 |
| 2012-10-03 | CVE-2012-3552 | Race Condition vulnerability in multiple products Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic. | 5.9 |
| 2012-05-24 | CVE-2011-4081 | NULL Pointer Dereference vulnerability in Linux Kernel crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket. | 5.5 |
| 2012-05-24 | CVE-2011-3363 | Improper Input Validation vulnerability in multiple products The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share. | 6.5 |
| 2012-05-24 | CVE-2011-3359 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system crash) via a crafted frame. | 7.5 |