Vulnerabilities > Linux > Linux Kernel > 2.6.9

DATE CVE VULNERABILITY TITLE RISK
2008-05-08 CVE-2008-1669 Race Condition vulnerability in Linux Kernel
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."
local
linux CWE-362
6.9
2008-05-02 CVE-2008-1375 Race Condition vulnerability in multiple products
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
6.9
2008-02-08 CVE-2008-0007 Resource Management Errors vulnerability in Linux Kernel
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
local
low complexity
linux CWE-399
7.2
2007-10-04 CVE-2007-4133 Local Denial Of Service vulnerability in Linux Kernel HugeTLB
The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors.
local
linux
4.7
2007-09-14 CVE-2007-3740 Permissions, Privileges, and Access Controls vulnerability in Linux Kernel
The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges.
local
linux CWE-264
4.4
2007-08-13 CVE-2007-3851 Resource Management Errors vulnerability in Linux Kernel
The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer.
local
high complexity
linux intel CWE-399
6.0
2007-07-10 CVE-2007-3107 Local Denial of Service vulnerability in Linux PowerPC Kernel Restore_Sigcontext
The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clearing of MSR bits.
local
low complexity
linux
2.1
2007-06-11 CVE-2007-2876 Denial Of Service vulnerability in Linux Kernel SCTP Connection
The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.
low complexity
linux
6.1
2007-06-11 CVE-2007-2453 Unspecified vulnerability in Linux Kernel
The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source.
local
high complexity
linux
1.2
2007-06-11 CVE-2007-2875 Numeric Errors vulnerability in Linux Kernel
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.
local
low complexity
linux debian canonical CWE-189
2.1