Vulnerabilities > Linux > Linux Kernel > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-05-24 | CVE-2011-3109 | Multiple Security vulnerability in Google Chrome Prior to 19.0.1084.52 Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact by leveraging an error in the GTK implementation of the UI. | 7.5 |
2012-05-17 | CVE-2012-1097 | NULL Pointer Dereference vulnerability in multiple products The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call. | 7.8 |
2012-05-17 | CVE-2012-0207 | Divide By Zero vulnerability in multiple products The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets. | 7.5 |
2012-05-17 | CVE-2012-0044 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call. | 7.8 |
2012-05-16 | CVE-2011-3096 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an error in the GTK implementation of the omnibox. | 7.5 |
2012-03-20 | CVE-2012-1796 | Local Security vulnerability in IBM DB2 9.5 Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors. | 7.2 |
2012-03-20 | CVE-2012-0711 | Numeric Errors vulnerability in IBM DB2 9.1/9.5/9.7 Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow. | 7.5 |
2012-02-02 | CVE-2011-4194 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Open Enterprise Server Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field. | 7.5 |
2012-02-02 | CVE-2011-2525 | NULL Pointer Dereference vulnerability in multiple products The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call. | 7.8 |
2011-10-10 | CVE-2011-2189 | Resource Exhaustion vulnerability in multiple products net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd. | 7.5 |