Vulnerabilities > Linux > Linux Kernel > 3.0.8

DATE CVE VULNERABILITY TITLE RISK
2013-02-28 CVE-2013-0343 IPv6 Temporary Addresses Remote Security vulnerability in Linux Kernel
The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages.
high complexity
linux
3.2
2013-02-18 CVE-2013-0160 Information Exposure vulnerability in Linux Kernel
The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.
local
low complexity
linux CWE-200
2.1
2013-02-18 CVE-2012-4398 Improper Input Validation vulnerability in Linux Kernel
The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.
local
low complexity
linux CWE-20
4.9
2012-05-24 CVE-2011-4081 NULL Pointer Dereference vulnerability in Linux Kernel
crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket.
local
low complexity
linux CWE-476
5.5
2012-05-24 CVE-2011-3353 Classic Buffer Overflow vulnerability in Linux Kernel
Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the ability to mount a FUSE filesystem.
local
low complexity
linux CWE-120
5.5
2012-05-24 CVE-2011-3188 The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.
network
low complexity
linux redhat f5
critical
9.1
2012-05-24 CVE-2011-2918 Resource Exhaustion vulnerability in Linux Kernel
The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.
local
low complexity
linux CWE-400
5.5
2012-05-24 CVE-2011-2906 Resource Exhaustion vulnerability in Linux Kernel
Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size value in an ioctl call.
local
low complexity
linux CWE-400
5.5
2012-05-24 CVE-2011-2707 Information Exposure vulnerability in Linux Kernel
The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.
local
low complexity
linux CWE-200
6.0
2012-05-24 CVE-2011-2699 The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
network
low complexity
linux redhat
7.5