National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.16.30
There are 2,446 matching records.
Displaying matches 2181 through 2200.
Vuln ID Summary CVSS Severity
CVE-2010-0006

The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567.

Published: January 26, 2010; 01:30:01 PM -05:00
    V2: 7.1 HIGH
CVE-2010-0003

The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address.

Published: January 26, 2010; 01:30:01 PM -05:00
    V2: 5.4 MEDIUM
CVE-2010-0007

net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application.

Published: January 19, 2010; 11:30:01 AM -05:00
    V2: 2.1 LOW
CVE-2009-4141

Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file.

Published: January 19, 2010; 11:30:00 AM -05:00
    V2: 7.2 HIGH
CVE-2010-0312

The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.2 on Linux allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SecureWay 3.2 Event Registration Request (aka a 1.3.18.0.2.12.1 request).

Published: January 14, 2010; 02:30:00 PM -05:00
    V2: 5.0 MEDIUM
CVE-2009-4538

drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.

Published: January 12, 2010; 12:30:00 PM -05:00
    V2: 10.0 HIGH
CVE-2009-4537

drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.

Published: January 12, 2010; 12:30:00 PM -05:00
    V2: 7.8 HIGH
CVE-2009-4536

drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.

Published: January 12, 2010; 12:30:00 PM -05:00
    V2: 7.8 HIGH
CVE-2009-4484

Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.

Published: December 30, 2009; 04:30:00 PM -05:00
    V2: 7.5 HIGH
CVE-2009-4138

drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.

Published: December 16, 2009; 02:30:01 PM -05:00
    V2: 4.7 MEDIUM
CVE-2009-4308

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.

Published: December 12, 2009; 08:30:00 PM -05:00
    V2: 7.1 HIGH
CVE-2009-4307

The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 2.6.32-git6 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value).

Published: December 12, 2009; 08:30:00 PM -05:00
    V2: 7.1 HIGH
CVE-2009-4306

Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel 2.6.32-git6 and earlier allows local users to cause a denial of service (filesystem corruption) via unknown vectors, a different vulnerability than CVE-2009-4131.

Published: December 12, 2009; 08:30:00 PM -05:00
    V2: 4.9 MEDIUM
CVE-2009-4131

The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions.

Published: December 12, 2009; 08:30:00 PM -05:00
    V2: 7.2 HIGH
CVE-2009-1298

The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, possibly related to the ip_defrag function.

Published: December 08, 2009; 06:30:00 PM -05:00
    V2: 7.8 HIGH
CVE-2009-4027

Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.

Published: December 02, 2009; 11:30:00 AM -05:00
    V2: 7.1 HIGH
CVE-2009-4026

The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch."

Published: December 02, 2009; 11:30:00 AM -05:00
    V2: 7.8 HIGH
CVE-2009-4031

The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support.

Published: November 29, 2009; 08:07:32 AM -05:00
    V2: 7.8 HIGH
CVE-2009-4021

The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.

Published: November 25, 2009; 11:30:00 AM -05:00
    V2: 4.9 MEDIUM
CVE-2009-3080

Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.

Published: November 20, 2009; 12:30:00 PM -05:00
    V2: 7.2 HIGH