Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:3.1.7
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-2745 |
The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call. Published: August 09, 2012; 6:29:47 AM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2012-2373 |
The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition. Published: August 09, 2012; 6:29:46 AM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2012-2136 |
The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device. Published: August 09, 2012; 6:29:46 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2012-2133 |
Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers improper handling of quota data. Published: July 03, 2012; 12:40:32 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2012-2100 |
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307. Published: July 03, 2012; 12:40:32 PM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2012-0045 |
The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file. Published: July 03, 2012; 12:40:31 PM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2011-4127 |
The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume. Published: July 03, 2012; 12:40:31 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2011-4086 |
The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal. Published: July 03, 2012; 12:40:31 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2012-2127 |
fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd. Published: June 21, 2012; 7:55:02 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2012-2390 |
Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations. Published: June 13, 2012; 6:24:56 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2012-2384 |
Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. Published: June 13, 2012; 6:24:56 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2012-2383 |
Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. Published: June 13, 2012; 6:24:56 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2012-2375 |
The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131. Published: June 13, 2012; 6:24:55 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2012-2313 |
The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. Published: June 13, 2012; 6:24:55 AM -0400 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2012-2319 |
Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020. Published: May 17, 2012; 7:00:38 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2012-2123 |
The cap_bprm_set_creds function in security/commoncap.c in the Linux kernel before 3.3.3 does not properly handle the use of file system capabilities (aka fcaps) for implementing a privileged executable file, which allows local users to bypass intended personality restrictions via a crafted application, as demonstrated by an attack that uses a parent process to disable ASLR. Published: May 17, 2012; 7:00:38 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2012-2121 |
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices. Published: May 17, 2012; 7:00:38 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2012-1601 |
The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists. Published: May 17, 2012; 7:00:37 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2012-1179 |
The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages. Published: May 17, 2012; 7:00:37 AM -0400 |
V3.x:(not available) V2.0: 5.2 MEDIUM |
CVE-2012-1146 |
The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events. Published: May 17, 2012; 7:00:37 AM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |