Total
7711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0745 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
| The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not properly initialize the group descriptor during a resize (aka resize2fs) operation, which might allow local users to cause a denial of service (OOPS) by arranging for crafted values to be present in available memory. | |||||
| CVE-2009-0676 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 2.1 LOW | N/A |
| The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request. | |||||
| CVE-2009-0675 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 2.1 LOW | N/A |
| The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted logic" issue. | |||||
| CVE-2009-0605 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
| Stack consumption vulnerability in the do_page_fault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registered Kprobes probe. | |||||
| CVE-2009-0601 | 6 Apple, Freebsd, Linux and 3 more | 6 Mac Os X, Freebsd, Linux Kernel and 3 more | 2024-11-21 | 2.1 LOW | N/A |
| Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. | |||||
| CVE-2009-0521 | 2 Adobe, Linux | 2 Flash Player For Linux, Linux Kernel | 2024-11-21 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Linux allows local users to obtain sensitive information or gain privileges via a crafted library in a directory contained in the RPATH. | |||||
| CVE-2009-0343 | 2 Linux, Niels Provos | 2 Linux Kernel, Systrace | 2024-11-21 | 7.2 HIGH | N/A |
| Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes. | |||||
| CVE-2009-0342 | 2 Linux, Provos | 2 Linux Kernel, Systrace | 2024-11-21 | 7.2 HIGH | N/A |
| Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall. | |||||
| CVE-2009-0322 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
| drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/. | |||||
| CVE-2009-0269 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-11-21 | 4.9 MEDIUM | N/A |
| fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index. | |||||
| CVE-2009-0065 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 10.0 HIGH | N/A |
| Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID. | |||||
| CVE-2009-0031 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
| Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree." | |||||
| CVE-2009-0029 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 7.2 HIGH | N/A |
| The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call. | |||||
| CVE-2009-0028 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 2.1 LOW | N/A |
| The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit. | |||||
| CVE-2009-0024 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.2 HIGH | N/A |
| The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local users to cause a denial of service or gain privileges via unspecified vectors, related to the vm_file structure member, and the mmap_region and do_munmap functions. | |||||
| CVE-2008-7316 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault for an iovec of nonzero length. | |||||
| CVE-2008-7256 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 1.2 LOW | N/A |
| mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1643. | |||||
| CVE-2008-6662 | 2 Avg, Linux | 2 Avg Anti-virus, Linux Kernel | 2024-11-21 | 4.3 MEDIUM | N/A |
| AVG Anti-Virus for Linux 7.5.51, and possibly earlier, allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via a malformed UPX compressed file, which triggers memory corruption. | |||||
| CVE-2008-6661 | 2 Bitdefender, Linux | 2 Bitdefender Antivirus, Linux Kernel | 2024-11-21 | 5.0 MEDIUM | N/A |
| Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed (1) NeoLite and (2) ASProtect packed PE file. | |||||
| CVE-2008-6107 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
| The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the (3) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel before 2.6.25.4, omit some virtual-address range (aka span) checks when the mremap MREMAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mremap calls, a related issue to CVE-2008-2137. | |||||