Vulnerabilities > Linux

DATE CVE VULNERABILITY TITLE RISK
2009-11-20 CVE-2009-4004 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc7 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a KVM_X86_SETUP_MCE IOCTL request that specifies a large number of Machine Check Exception (MCE) banks.
local
low complexity
linux CWE-119
7.8
2009-11-16 CVE-2009-3939 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
7.1
2009-11-04 CVE-2009-3547 Operation on a Resource after Expiration or Release vulnerability in multiple products
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
7.0
2009-10-22 CVE-2009-3621 Resource Exhaustion vulnerability in multiple products
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.
5.5
2009-10-22 CVE-2009-3620 Use of Uninitialized Resource vulnerability in multiple products
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.
7.8
2009-09-18 CVE-2009-3238 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."
local
low complexity
linux canonical opensuse suse CWE-338
5.5
2009-08-27 CVE-2009-2698 NULL Pointer Dereference vulnerability in multiple products
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
7.8
2009-08-14 CVE-2009-2768 NULL Pointer Dereference vulnerability in Linux Kernel
The load_flat_shared_library function in fs/binfmt_flat.c in the flat subsystem in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by executing a shared flat binary, which triggers an access of an "uninitialized cred pointer."
local
low complexity
linux CWE-476
7.8
2009-08-14 CVE-2009-2692 Use of Uninitialized Resource vulnerability in multiple products
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
local
low complexity
linux debian suse redhat CWE-908
7.8
2009-07-05 CVE-2009-1388 Improper Locking vulnerability in Linux Kernel 2.6.18
The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle simultaneous execution of the do_coredump function, which allows local users to cause a denial of service (deadlock) via vectors involving the ptrace system call and a coredumping thread.
local
low complexity
linux CWE-667
5.5