U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.16.40
There are 2,362 matching records.
Displaying matches 1,801 through 1,820.
Vuln ID Summary CVSS Severity
CVE-2013-2128

The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.

Published: June 07, 2013; 10:03:18 AM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2013-1929

Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure.

Published: June 07, 2013; 10:03:18 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.4 MEDIUM
CVE-2011-4604

The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet.

Published: June 07, 2013; 10:03:18 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-2094

The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.

Published: May 14, 2013; 4:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-2017

The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.

Published: May 03, 2013; 7:57:45 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2013-1979

The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.

Published: May 03, 2013; 7:57:45 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2013-1959

kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.

Published: May 03, 2013; 7:57:45 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 3.7 LOW
CVE-2013-3302

Race condition in the smb_send_rqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors involving a reconnection event.

Published: April 29, 2013; 10:55:04 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.4 MEDIUM
CVE-2013-2015

The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable media, as demonstrated by the e2fsprogs tests/f_orphan_extents_inode/image.gz test.

Published: April 29, 2013; 10:55:04 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2013-1928

The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb device.

Published: April 29, 2013; 10:55:03 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2013-1958

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval during which a user namespace has been created but a PID namespace has not been created.

Published: April 24, 2013; 3:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2013-1957

The clone_mnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNT_READONLY flag, which allows local users to bypass an intended read-only property of a filesystem by leveraging a separate mount namespace.

Published: April 24, 2013; 3:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2013-1956

The create_user_ns function in kernel/user_namespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call.

Published: April 24, 2013; 3:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-3237

The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: April 22, 2013; 7:41:01 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-3236

The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: April 22, 2013; 7:41:01 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-3235

net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: April 22, 2013; 7:41:01 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-3234

The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: April 22, 2013; 7:41:01 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-3233

The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: April 22, 2013; 7:41:01 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-3232

The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: April 22, 2013; 7:41:01 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-3231

The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: April 22, 2013; 7:41:01 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.7 MEDIUM