Vulnerabilities > Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-09-14 | CVE-2007-3740 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges. | 4.4 |
| 2007-08-13 | CVE-2007-3851 | Resource Management Errors vulnerability in Linux Kernel The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer. | 6.0 |
| 2007-08-09 | CVE-2007-3843 | Unspecified vulnerability in Linux Kernel The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request. network linux | 4.3 |
| 2007-07-20 | CVE-2007-3380 | Configuration vulnerability in Linux Kernel 2.6.15 The Distributed Lock Manager (DLM) in the cluster manager for Linux kernel 2.6.15 allows remote attackers to cause a denial of service (loss of lock services) by connecting to the DLM port, which probably prevents other processes from accessing the service. | 5.0 |
| 2007-07-03 | CVE-2007-3513 | Denial Of Service vulnerability in Linux Kernel USBLCD Memory Consumption The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption). | 4.9 |
| 2007-06-26 | CVE-2007-3104 | Resource Management Errors vulnerability in Linux Kernel 2.6.0 The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a null pointer to an inode in a dentry. | 4.9 |
| 2007-06-11 | CVE-2007-2876 | Denial Of Service vulnerability in Linux Kernel SCTP Connection The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference. low complexity linux | 6.1 |
| 2007-05-29 | CVE-2007-2878 | Local Denial of Service vulnerability in Linux Kernel 2.6.21.1 The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a kernel_dirent struct and cause a denial of service (system crash) via unknown vectors. | 4.9 |
| 2007-05-29 | CVE-2007-2451 | Unspecified vulnerability in Linux Kernel GEODE-AES Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
| 2007-05-16 | CVE-2007-2445 | Remote Denial of Service vulnerability in Libpng Library The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value. | 5.0 |