U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*
There are 28 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2013-4592

Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_main.c in the Linux kernel before 3.9 allows local users to cause a denial of service (memory consumption) by leveraging certain device access to trigger movement of memory slots.

Published: November 20, 2013; 8:19:42 AM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2011-4098

The fallocate implementation in the GFS2 filesystem in the Linux kernel before 3.2 relies on the page cache, which might allow local users to cause a denial of service by preallocating blocks in certain situations involving insufficient memory.

Published: June 08, 2013; 9:05:55 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2011-3619

The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by writing to a /proc/#####/attr/current file.

Published: June 08, 2013; 9:05:55 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2013-3076

The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c.

Published: April 22, 2013; 7:40:59 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2013-1773

Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion.

Published: February 28, 2013; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2012-4398

The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.

Published: February 17, 2013; 11:41:50 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2011-4914

The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.

Published: June 21, 2012; 7:55:02 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2011-4913

The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.

Published: June 21, 2012; 7:55:02 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2011-1493

Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that specifies a large number of digipeaters, and then sending this data to a ROSE socket.

Published: June 21, 2012; 7:55:02 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-1479

Double free vulnerability in the inotify subsystem in the Linux kernel before 2.6.39 allows local users to cause a denial of service (system crash) via vectors involving failed attempts to create files. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-4250.

Published: June 21, 2012; 7:55:02 PM -0400
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2011-1476

Integer underflow in the Open Sound System (OSS) subsystem in the Linux kernel before 2.6.39 on unspecified non-x86 platforms allows local users to cause a denial of service (memory corruption) by leveraging write access to /dev/sequencer.

Published: June 21, 2012; 7:55:02 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2011-1160

The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors.

Published: June 21, 2012; 7:55:02 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2011-1080

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.

Published: June 21, 2012; 7:55:02 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2011-1079

The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command.

Published: June 21, 2012; 7:55:02 PM -0400
V3.x:(not available)
V2.0: 5.4 MEDIUM
CVE-2011-1078

The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option.

Published: June 21, 2012; 7:55:01 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2011-2496

Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping.

Published: June 13, 2012; 6:24:55 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2011-2493

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.

Published: June 13, 2012; 6:24:54 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2011-1927

The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly construct ICMP_TIME_EXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service (invalid pointer dereference) via crafted fragmented packets.

Published: June 13, 2012; 6:24:54 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2011-1759

Integer overflow in the sys_oabi_semtimedop function in arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 2.6.39 on the ARM platform, when CONFIG_OABI_COMPAT is enabled, allows local users to gain privileges or cause a denial of service (heap memory corruption) by providing a crafted argument and leveraging a race condition.

Published: June 13, 2012; 6:24:53 AM -0400
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2012-1179

The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages.

Published: May 17, 2012; 7:00:37 AM -0400
V3.x:(not available)
V2.0: 5.2 MEDIUM