Vulnerabilities > Linux

DATE CVE VULNERABILITY TITLE RISK
2011-05-26 CVE-2010-4805 Resource Exhaustion vulnerability in multiple products
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_alloc socket field.
network
low complexity
linux redhat CWE-400
7.5
2011-05-26 CVE-2010-4251 Resource Exhaustion vulnerability in multiple products
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.
network
low complexity
linux vmware redhat CWE-400
7.5
2011-02-18 CVE-2011-0709 NULL Pointer Dereference vulnerability in Linux Kernel
The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table.
network
low complexity
linux CWE-476
7.5
2010-12-29 CVE-2010-4343 Improper Initialization vulnerability in multiple products
drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file.
local
low complexity
linux vmware CWE-665
5.5
2010-12-06 CVE-2010-3904 Improper Validation of Specified Quantity in Input vulnerability in multiple products
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
7.8
2010-09-30 CVE-2010-3079 NULL Pointer Dereference vulnerability in multiple products
kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an lseek call on a file descriptor associated with the set_ftrace_filter file.
local
low complexity
linux canonical suse CWE-476
5.5
2010-09-30 CVE-2010-2943 Information Exposure vulnerability in multiple products
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
network
low complexity
linux canonical vmware avaya CWE-200
8.1
2010-09-30 CVE-2010-2538 Information Exposure vulnerability in multiple products
Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.
local
low complexity
linux canonical suse CWE-200
5.5
2010-09-30 CVE-2010-2537 The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.
local
low complexity
linux canonical suse
7.1
2010-09-24 CVE-2010-3081 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
local
low complexity
linux vmware suse CWE-119
7.8