CVE Daily
← All tags

Tag: Linux Kernel

All CVEs associated with "Linux Kernel". Page 159/168 • 20117 CVEs.

Subscribe CVEs: RSS for “Linux Kernel”  ·  RSS (High+Critical only)

About “Linux Kernel”

A curated feed of “Linux Kernel”-related CVEs appears below. We currently track 20117 CVEs for this tag (all time). In the last 365 days, 6176 were published. Average CVSS is 6.4 (all time; 6.4 over 365d), and 35% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-476 - NULL Pointer Dereference, CWE-401 - Missing Release of Memory after Effective Lifetime, CWE-416 - Use After Free.

In our taxonomy this topic maps to a MODERATE impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2009-01-13
High

CVE-2009-0024

The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local users to cause a denial of service or gain privileges via unspecified vectors, related to the vm_file…

CVSS: 7.2 CWE: CWE-264 View on NVD
Medium

CVE-2008-4307

Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call tha…

CVSS: 4.0 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2009-01-07
Critical

CVE-2009-0065

Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact v…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2009-01-02
Critical

CVE-2006-7236

The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified…

CVSS: 9.3 CWE: CWE-16 View on NVD
2008-12-29
Medium

CVE-2008-5747

F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-virus protection via a crafted ELF program with a "corrupted" header that still allows the program to be executed. NOTE: due to an e…

CVSS: 5.0 CWE: CWE-399 View on NVD
High

CVE-2008-4539

Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console fo…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-12-24
Medium

CVE-2008-5713

The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines allows local users to cause a denial of service (soft lockup) by sending a large amount of networ…

CVSS: 4.9 CWE: CWE-399 View on NVD
2008-12-22
High

CVE-2008-5702

Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_S…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2008-5701

Array index error in arch/mips/kernel/scall64-o32.S in the Linux kernel before 2.6.28-rc8 on 64-bit MIPS platforms allows local users to cause a denial of service (system crash) via an o32 syscall wi…

CVSS: 4.7 CWE: CWE-189 View on NVD
Low

CVE-2008-5700

libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simulta…

CVSS: 1.9 CWE: CWE-399 View on NVD
2008-12-19
Critical

CVE-2008-5696

Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigu…

CVSS: 9.3 CWE: CWE-255 View on NVD
2008-12-18
Critical

CVE-2008-5499

Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file.

CVSS: 9.3 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
2008-12-09
Medium

CVE-2008-5395

The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated wit…

CVSS: 4.9 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2008-5394

/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file r…

CVSS: 7.2 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
Medium

CVE-2008-5079

net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socke…

CVSS: 4.9 CWE: CWE-399 View on NVD
High

CVE-2008-4310

httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE:…

CVSS: 7.8 CWE: CWE-399 View on NVD
2008-12-08
Medium

CVE-2008-5367

ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file.

CVSS: 6.9 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
Medium

CVE-2008-5366

The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/probe-finished or (2) /tmp/ppp-errors temporary file.

CVSS: 6.9 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
2008-12-01
Medium

CVE-2008-5300

Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collecti…

CVSS: 4.9 CWE: CWE-399 View on NVD
2008-11-27
High

CVE-2008-4636

yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.

CVSS: 7.2 CWE: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') View on NVD
Medium

CVE-2008-4315

tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5, Fedora 9, and Fedora 10 does not log failed authentication attempts to the OpenPegasus CIM server, which makes it easier f…

CVSS: 6.8 CWE: N/A View on NVD
2008-11-21
Medium

CVE-2008-5182

The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.

CVSS: 6.9 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2008-11-20
Critical

CVE-2008-5177

Stack-based buffer overflow in the DtbClsLogin function in Yosemite Backup 8.7 allows remote attackers to (1) execute arbitrary code on a Linux platform, related to libytlindtb.so; or (2) cause a den…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-11-19
Low

CVE-2008-5161

Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.…

CVSS: 3.7 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2008-11-18
Medium

CVE-2008-5142

sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr.##### temporary file.

CVSS: 6.9 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
Critical

CVE-2008-5134

Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-11-17
High

CVE-2008-5025

Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system cras…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-11-10
High

CVE-2008-5033

The chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3 allows attackers to cause a denial of…

CVSS: 7.8 CWE: CWE-399 View on NVD
Medium

CVE-2008-5029

The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to…

CVSS: 4.9 CWE: N/A View on NVD
2008-11-06
Medium

CVE-2008-4966

linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap##### and (b) /tmp/nightly##### temporary files, related to the (1) maysnap and (2) ma…

CVSS: 6.9 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
High

CVE-2008-4395

Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long E…

CVSS: 8.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-11-05
Medium

CVE-2008-4946

convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/set_output temporary file, related to the (1) _template_/provision.sh, (2) Linux_CD_Install/provision.sh…

CVSS: 6.9 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
High

CVE-2008-4934

The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which a…

CVSS: 7.8 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2008-4933

Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2008-4815

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is…

CVSS: 7.5 CWE: CWE-264 View on NVD
Medium

CVE-2008-3527

arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileg…

CVSS: 4.6 CWE: CWE-264 View on NVD
2008-11-01
Low

CVE-2008-4870

dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.

CVSS: 2.1 CWE: CWE-732 - Incorrect Permission Assignment for Critical Resource View on NVD
2008-10-21
Medium

CVE-2008-4638

qioadmin in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, allows local users to read arbitrary files by causing qi…

CVSS: 4.6 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2008-3248

qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, does not initialize filesystem blocks during creation o…

CVSS: 4.6 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
High

CVE-2008-4618

The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows…

CVSS: 7.8 CWE: CWE-20 - Improper Input Validation View on NVD
2008-10-20
High

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of serv…

CVSS: 7.1 CWE: CWE-16 View on NVD
Medium

CVE-2008-3831

The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Di…

CVSS: 4.7 CWE: CWE-399 View on NVD
2008-10-15
High

CVE-2008-4576

sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init functi…

CVSS: 7.8 CWE: CWE-287 - Improper Authentication View on NVD
Medium

CVE-2008-4554

The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make…

CVSS: 4.6 CWE: CWE-264 View on NVD
High

CVE-2008-4553

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories.

CVSS: 7.2 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
2008-10-13
Medium

CVE-2008-4411

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified v…

CVSS: 4.3 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
2008-10-06
Medium

CVE-2008-4445

The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled,…

CVSS: 4.7 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2008-10-03
Medium

CVE-2008-4410

The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allo…

CVSS: 4.9 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2008-3833

The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gai…

CVSS: 4.9 CWE: CWE-264 View on NVD
Medium

CVE-2008-3832

A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer d…

CVSS: 4.9 CWE: CWE-399 View on NVD
Medium

CVE-2008-3825

pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local us…

CVSS: 4.4 CWE: CWE-264 View on NVD
2008-09-29
Medium

CVE-2008-4302

fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was n…

CVSS: 5.5 CWE: CWE-667 - Improper Locking View on NVD
Medium

CVE-2008-4210

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and o…

CVSS: 4.6 CWE: CWE-264 View on NVD
Medium

CVE-2008-3524

rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /va…

CVSS: 4.7 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
2008-09-27
High

CVE-2008-4197

Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-as…

CVSS: 8.8 CWE: CWE-908 - Use of Uninitialized Resource View on NVD
Low

CVE-2008-3528

The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report…

CVSS: 2.1 CWE: CWE-264 View on NVD
2008-09-24
Medium

CVE-2008-4067

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary…

CVSS: 4.3 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
2008-09-18
Medium

CVE-2008-4126

PyDNS (aka python-dns) before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote a…

CVSS: 6.4 CWE: CWE-16 View on NVD
Medium

CVE-2008-4099

PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a di…

CVSS: 6.4 CWE: CWE-16 View on NVD
2008-09-16
Medium

CVE-2008-4113

The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is ena…

CVSS: 4.7 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2008-09-12
Low

CVE-2008-3889

Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows loc…

CVSS: 2.1 CWE: CWE-20 - Improper Input Validation View on NVD
2008-09-11
Critical

CVE-2008-3915

Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-09-04
Medium

CVE-2007-6716

fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a cer…

CVSS: 5.5 CWE: N/A View on NVD
High

CVE-2008-3911

The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-09-03
High

CVE-2008-3525

The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOC…

CVSS: 7.2 CWE: CWE-264 View on NVD
High

CVE-2008-3792

net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with…

CVSS: 7.1 CWE: N/A View on NVD
Low

CVE-2008-3901

Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local u…

CVSS: 2.1 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2008-08-28
High

CVE-2008-3856

The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and a…

CVSS: 7.5 CWE: CWE-264 View on NVD
2008-08-27
High

CVE-2008-3526

Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows…

CVSS: 7.8 CWE: CWE-189 View on NVD
Critical

CVE-2008-3844

Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that al…

CVSS: 9.3 CWE: CWE-20 - Improper Input Validation View on NVD
2008-08-19
High

CVE-2008-3705

Stack-based buffer overflow in the CLogger::WriteFormated function in echoware/Logger.cpp in EchoVNC Linux before 1.1.2 allows remote echoServers to execute arbitrary code via a large (1) group or (2…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-08-18
Low

CVE-2008-3270

yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify the SSL certificate for a file download from a Red Hat Network (RHN) server, which makes it easier for remote man-in-the-middle att…

CVSS: 2.6 CWE: CWE-310 View on NVD
High

CVE-2008-3276

Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote…

CVSS: 7.1 CWE: CWE-189 View on NVD
2008-08-14
Medium

CVE-2008-3686

The rt6_fill_node function in net/ipv6/route.c in Linux kernel 2.6.26-rc4, 2.6.26.2, and possibly other 2.6.26 versions, allows local users to cause a denial of service (kernel OOPS) via IPv6 request…

CVSS: 4.9 CWE: CWE-399 View on NVD
High

CVE-2008-2940

The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setaler…

CVSS: 7.2 CWE: CWE-264 View on NVD
Medium

CVE-2008-2941

The hpssd message parser in hpssd.py in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to cause a denial of service (process stop) via a crafted packet, as demonstrated by sending "ms…

CVSS: 4.9 CWE: CWE-20 - Improper Input Validation View on NVD
2008-08-13
Medium

CVE-2008-3671

Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this…

CVSS: 5.0 CWE: CWE-310 View on NVD
2008-08-12
Medium

CVE-2008-3275

The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) d…

CVSS: 5.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2008-08-10
High

CVE-2008-3579

Calacode @Mail 5.41 on Linux does not require administrative authentication for build-plesk-upgrade.php, which allows remote attackers to obtain sensitive information by creating and downloading a ba…

CVSS: 7.8 CWE: CWE-287 - Improper Authentication View on NVD
2008-08-08
Medium

CVE-2008-3534

The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of…

CVSS: 4.9 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2008-3535

Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I…

CVSS: 4.9 CWE: CWE-193 - Off-by-one Error View on NVD
Low

CVE-2008-3272

The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range…

CVSS: 2.1 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2008-08-06
Critical

CVE-2008-3496

Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.…

CVSS: 10.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2008-08-05
Medium

CVE-2008-3356

verifydb in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and other Unix platforms sets the ownership or permissions of an iivdb.log file without verif…

CVSS: 4.6 CWE: CWE-264 View on NVD
High

CVE-2008-3357

Untrusted search path vulnerability in ingvalidpw in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges via…

CVSS: 7.2 CWE: CWE-426 - Untrusted Search Path View on NVD
Medium

CVE-2008-3389

Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges…

CVSS: 4.6 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-08-01
High

CVE-2008-1376

A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on Red Hat Enterprise Linux (RHEL) 5 omits TCP wrappers support, which might allow remote attackers to bypass intended access restr…

CVSS: 7.5 CWE: CWE-264 View on NVD
Medium

CVE-2008-1810

Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable.

CVSS: 4.4 CWE: CWE-264 View on NVD
2008-07-31
Medium

CVE-2008-3395

Calacode @Mail 5.41 on Linux uses weak world-readable permissions for (1) webmail/libs/Atmail/Config.php and (2) webmail/webadmin/.htpasswd, which allows local users to obtain sensitive information b…

CVSS: 5.0 CWE: CWE-264 View on NVD
2008-07-24
High

CVE-2008-3247

The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 on x86_64 platforms uses an incorrect size for ldt_desc, which allows local users to cause a denial of service (system crash) or p…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-07-18
Medium

CVE-2008-3234

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, follo…

CVSS: 6.5 CWE: CWE-264 View on NVD
2008-07-15
Medium

CVE-2008-3177

Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of se…

CVSS: 5.0 CWE: CWE-16 View on NVD
2008-07-09
High

CVE-2008-2931

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause…

CVSS: 7.8 CWE: CWE-269 - Improper Privilege Management View on NVD
Medium

CVE-2008-1663

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified v…

CVSS: 4.3 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
High

CVE-2008-2375

Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumpti…

CVSS: 7.1 CWE: CWE-399 View on NVD
High

CVE-2008-2812

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL…

CVSS: 7.8 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2008-3077

arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the x86_64 platform leaks task_struct references into the sys32_ptrace function, which allows local users to cause a denial of service…

CVSS: 4.9 CWE: CWE-416 - Use After Free View on NVD
2008-07-02
Medium

CVE-2008-2372

The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_…

CVSS: 4.9 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2008-2826

Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local…

CVSS: 4.9 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2008-07-01
Medium

CVE-2008-2953

Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via "partial file list requests" that trigger a NULL pointer dereference.

CVSS: 5.0 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2008-2954

client/NmdcHub.cpp in Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via an empty private message, which triggers an out-of-bounds read.

CVSS: 7.8 CWE: CWE-20 - Improper Input Validation View on NVD
2008-06-30
Medium

CVE-2008-0598

Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involvi…

CVSS: 4.9 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2008-2729

arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users…

CVSS: 4.9 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2008-2365

Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a lo…

CVSS: 4.7 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
Medium

CVE-2008-2944

Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oop…

CVSS: 4.9 CWE: CWE-415 - Double Free View on NVD
2008-06-25
Medium

CVE-2008-1951

Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries before 1-13a.el4_6.1 in Red Hat Enterprise Linux (R…

CVSS: 4.6 CWE: CWE-264 View on NVD
2008-06-24
Critical

CVE-2008-2427

Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted fo…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-06-18
High

CVE-2008-2750

The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash)…

CVSS: 7.8 CWE: CWE-20 - Improper Input Validation View on NVD
2008-06-16
Medium

CVE-2008-2366

Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious l…

CVSS: 4.4 CWE: CWE-16 View on NVD
2008-06-10
Critical

CVE-2008-1673

The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2008-2358

Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local u…

CVSS: 7.2 CWE: CWE-189 View on NVD
2008-06-05
Medium

CVE-2008-0967

Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.…

CVSS: 6.9 CWE: N/A View on NVD
2008-06-02
Medium

CVE-2008-1036

The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversio…

CVSS: 4.3 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
2008-05-29
Medium

CVE-2008-2137

The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2…

CVSS: 4.4 CWE: CWE-264 View on NVD
2008-05-22
High

CVE-2007-5962

Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to ca…

CVSS: 7.1 CWE: CWE-399 View on NVD
2008-05-18
Medium

CVE-2008-2285

The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by gue…

CVSS: 5.0 CWE: CWE-310 View on NVD
2008-05-16
High

CVE-2008-2136

Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via n…

CVSS: 7.8 CWE: CWE-399 View on NVD
2008-05-12
Low

CVE-2008-2148

The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which…

CVSS: 3.6 CWE: CWE-264 View on NVD
Medium

CVE-2008-1880

The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authe…

CVSS: 5.0 CWE: CWE-255 View on NVD
2008-05-08
Medium

CVE-2007-5001

Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file.

CVSS: 4.9 CWE: CWE-399 View on NVD