U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:2.6.29.4:*:*:*:*:*:*:*
There are 2,289 matching records.
Displaying matches 2,141 through 2,160.
Vuln ID Summary CVSS Severity
CVE-2010-4347

The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACPI interpreter tables, related to the acpi_debugfs_init function in drivers/acpi/debugfs.c.

Published: December 22, 2010; 4:00:19 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2010-4346

The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application.

Published: December 22, 2010; 4:00:19 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2010-4157

Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.

Published: December 10, 2010; 2:00:05 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2010-3880

net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.

Published: December 10, 2010; 2:00:04 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2010-3861

The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value, a different vulnerability than CVE-2010-2478.

Published: December 10, 2010; 2:00:04 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2010-3904

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.

Published: December 06, 2010; 3:13:00 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2010-4083

The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4) SEM_STAT command in a semctl system call.

Published: November 30, 2010; 5:14:00 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-4082

The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call.

Published: November 30, 2010; 5:14:00 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-4081

The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call.

Published: November 30, 2010; 5:14:00 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-4080

The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call.

Published: November 30, 2010; 5:14:00 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2010-4248

Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c.

Published: November 30, 2010; 4:38:23 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2010-3858

The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.

Published: November 30, 2010; 4:38:23 PM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2010-4249

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.

Published: November 29, 2010; 11:00:04 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2010-4079

The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call.

Published: November 29, 2010; 11:00:03 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-4078

The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call.

Published: November 29, 2010; 11:00:03 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-4077

The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

Published: November 29, 2010; 11:00:03 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-4076

The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

Published: November 29, 2010; 11:00:03 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-4075

The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

Published: November 29, 2010; 11:00:03 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-4074

The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c.

Published: November 29, 2010; 11:00:02 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-4073

The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c.

Published: November 29, 2010; 11:00:02 AM -0500
V4.0:(not available)
V3.x:(not available)
V2.0: 1.9 LOW