U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.22.18
There are 1,809 matching records.
Displaying matches 1,281 through 1,300.
Vuln ID Summary CVSS Severity
CVE-2013-1059

net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation.

Published: July 08, 2013; 1:55:01 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2013-2237

The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket.

Published: July 04, 2013; 5:55:01 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-2234

The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket.

Published: July 04, 2013; 5:55:01 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-2232

The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface.

Published: July 04, 2013; 5:55:01 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-2206

The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.

Published: July 04, 2013; 5:55:01 PM -0400
V3.x:(not available)
V2.0: 5.4 MEDIUM
CVE-2011-4348

Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482.

Published: June 08, 2013; 9:05:55 AM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2011-4347

The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service (host OS crash) via a KVM_ASSIGN_PCI_DEVICE operation.

Published: June 08, 2013; 9:05:55 AM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2011-4098

The fallocate implementation in the GFS2 filesystem in the Linux kernel before 3.2 relies on the page cache, which might allow local users to cause a denial of service by preallocating blocks in certain situations involving insufficient memory.

Published: June 08, 2013; 9:05:55 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2011-4087

The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an Ethernet bridge device.

Published: June 08, 2013; 9:05:55 AM -0400
V3.1: 7.5 HIGH
V2.0: 4.3 MEDIUM
CVE-2011-3619

The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by writing to a /proc/#####/attr/current file.

Published: June 08, 2013; 9:05:55 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2011-1585

The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user.

Published: June 08, 2013; 9:05:55 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2011-1180

Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging connectivity to an IrDA infrared network and sending a large integer value for a (1) name length or (2) attribute length.

Published: June 08, 2013; 9:05:54 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2013-2852

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.

Published: June 07, 2013; 10:03:20 AM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2013-2851

Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name.

Published: June 07, 2013; 10:03:20 AM -0400
V3.x:(not available)
V2.0: 6.0 MEDIUM
CVE-2013-2850

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.

Published: June 07, 2013; 10:03:19 AM -0400
V3.x:(not available)
V2.0: 7.9 HIGH
CVE-2013-2148

The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor.

Published: June 07, 2013; 10:03:19 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-2147

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.

Published: June 07, 2013; 10:03:19 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-2146

arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8.9, when the Performance Events Subsystem is enabled, specifies an incorrect bitmask, which allows local users to cause a denial of service (general protection fault and system crash) by attempting to set a reserved bit.

Published: June 07, 2013; 10:03:19 AM -0400
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2013-2141

The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call.

Published: June 07, 2013; 10:03:18 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-2128

The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.

Published: June 07, 2013; 10:03:18 AM -0400
V3.1: 5.5 MEDIUM
V2.0: 4.9 MEDIUM