Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.28.3
There are 2,384 matching records.
Displaying matches 2,301 through 2,320.
Vuln ID Summary CVSS Severity
CVE-2009-1360

The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6.29, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets.

Published: April 22, 2009; 11:30:00 AM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2009-1337

The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.

Published: April 22, 2009; 11:30:00 AM -0400
V3.x:(not available)
V2.0: 4.4 MEDIUM
CVE-2009-1250

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.

Published: April 08, 2009; 8:30:00 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2009-1265

Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.

Published: April 07, 2009; 9:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-1243

net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocking step in certain incorrect circumstances, which allows local users to cause a denial of service (panic) by reading zero bytes from the /proc/net/udp file and unspecified other files, related to the "udp seq_file infrastructure."

Published: April 06, 2009; 10:30:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2009-1242

The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.

Published: April 06, 2009; 10:30:00 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2009-1072

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.

Published: March 24, 2009; 9:30:00 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2009-0787

The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory.

Published: March 24, 2009; 9:30:00 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2009-1046

The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an "off-by-two memory error." NOTE: it is not clear whether this issue crosses privilege boundaries.

Published: March 23, 2009; 12:30:01 PM -0400
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2009-0935

The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance.

Published: March 17, 2009; 10:00:08 PM -0400
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2009-0876

Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN.

Published: March 12, 2009; 11:20:49 AM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2009-0859

The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program.

Published: March 09, 2009; 5:30:00 PM -0400
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2009-0834

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.

Published: March 06, 2009; 6:30:02 AM -0500
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2009-0748

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate the superblock configuration, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) by attempting to mount a crafted ext4 filesystem.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2009-0747

The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2009-0746

The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate a certain rec_len field, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2009-0745

The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not properly initialize the group descriptor during a resize (aka resize2fs) operation, which might allow local users to cause a denial of service (OOPS) by arranging for crafted values to be present in available memory.

Published: February 27, 2009; 12:30:09 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2009-0676

The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.

Published: February 22, 2009; 5:30:00 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2009-0675

The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted logic" issue.

Published: February 22, 2009; 5:30:00 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2009-0605

Stack consumption vulnerability in the do_page_fault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registered Kprobes probe.

Published: February 17, 2009; 12:30:05 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM