Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:2.6.30:rc6
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-2848 |
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. Published: August 18, 2009; 5:00:00 PM -0400 |
V3.x:(not available) V2.0: 5.9 MEDIUM |
CVE-2009-2691 |
The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition. Published: August 14, 2009; 11:16:27 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2009-1897 |
The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a different vulnerability than CVE-2009-1894. Published: July 20, 2009; 1:30:54 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |