Vulnerabilities > Linux > Linux Kernel

DATE CVE VULNERABILITY TITLE RISK
2012-05-17 CVE-2012-0207 Divide By Zero vulnerability in multiple products
The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
network
low complexity
linux redhat CWE-369
7.5
2012-05-17 CVE-2012-0058 Resource Exhaustion vulnerability in Linux Kernel
The kiocb_batch_free function in fs/aio.c in the Linux kernel before 3.2.2 allows local users to cause a denial of service (OOPS) via vectors that trigger incorrect iocb management.
local
low complexity
linux CWE-400
5.5
2012-05-17 CVE-2012-0044 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call.
local
low complexity
linux canonical CWE-190
7.8
2012-05-17 CVE-2012-0038 Integer Overflow or Wraparound vulnerability in Linux Kernel
Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.
local
low complexity
linux CWE-190
5.5
2012-05-17 CVE-2011-4621 Infinite Loop vulnerability in Linux Kernel
The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop.
local
low complexity
linux CWE-835
5.5
2012-05-17 CVE-2011-4594 NULL Pointer Dereference vulnerability in Linux Kernel
The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference.
local
low complexity
linux CWE-476
5.5
2012-05-17 CVE-2011-4112 The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction with a bridge device for a VLAN interface.
local
low complexity
linux avaya
5.5
2012-05-17 CVE-2011-4097 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory.
local
low complexity
linux redhat CWE-190
5.5
2012-05-17 CVE-2011-3637 NULL Pointer Dereference vulnerability in multiple products
The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error.
local
low complexity
linux redhat CWE-476
5.5
2012-02-02 CVE-2011-2525 NULL Pointer Dereference vulnerability in multiple products
The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call.
local
low complexity
linux redhat CWE-476
7.8