U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:2.3.51:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 2,710 matching records.
Displaying matches 2,321 through 2,340.
Vuln ID Summary CVSS Severity
CVE-2011-0619

Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0620, CVE-2011-0621, and CVE-2011-0622.

Published: May 13, 2011; 6:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2011-0618

Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors.

Published: May 13, 2011; 6:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2011-0579

Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to obtain sensitive information via unspecified vectors.

Published: May 13, 2011; 6:55:01 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2011-1748

The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation.

Published: May 09, 2011; 6:55:03 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2011-1598

The bcm_release function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation.

Published: May 09, 2011; 6:55:03 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2011-2022

The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.

Published: May 09, 2011; 3:55:03 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2011-1747

The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not properly restrict memory allocation by the (1) AGPIOC_RESERVE and (2) AGPIOC_ALLOCATE ioctls, which allows local users to cause a denial of service (memory consumption) by making many calls to these ioctls.

Published: May 09, 2011; 3:55:03 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2011-1746

Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages.

Published: May 09, 2011; 3:55:03 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2011-1745

Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call.

Published: May 09, 2011; 3:55:03 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2011-1013

Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument.

Published: May 09, 2011; 3:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2011-1593

Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call.

Published: May 03, 2011; 4:55:08 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2011-1577

Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.

Published: May 03, 2011; 3:55:12 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2011-1495

drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.

Published: May 03, 2011; 3:55:08 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2011-1494

Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow.

Published: May 03, 2011; 3:55:08 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2011-1169

Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer.

Published: May 03, 2011; 3:55:07 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2010-4785

The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID.

Published: April 21, 2011; 6:55:01 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2011-1163

The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.

Published: April 09, 2011; 10:51:19 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2011-0463

The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain potentially sensitive information from uninitialized disk locations by reading a file.

Published: April 09, 2011; 10:51:19 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2011-1083

The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.

Published: April 04, 2011; 8:27:57 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2011-1082

fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.

Published: April 04, 2011; 8:27:57 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM