Linux Enterprise Real Time Extension

DATE	CVE	VULNERABILITY TITLE	RISK
2014-06-07	CVE-2014-3153	The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. local low complexity linux redhat suse opensuse canonical oracle	7.8
2014-04-27	CVE-2014-0181	Permissions, Privileges, and Access Controls vulnerability in multiple products The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program. local low complexity linux opensuse redhat suse CWE-264	2.1
2010-12-06	CVE-2010-3904	Improper Validation of Specified Quantity in Input vulnerability in multiple products The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls. local low complexity linux suse opensuse canonical redhat vmware CWE-1284	7.8