Linux Kernel vulnerabilities
90 known vulnerabilities affecting linux/kernel.
Total CVEs: 90
CISA KEV: 1 (actively exploited)
Public exploits: 3
Exploited in wild: 2
Severity breakdown: CRITICAL 1, HIGH 55, MEDIUM 30, LOW 4
Vulnerabilities
Page 5 of 5
CVE-2017-2618 | MEDIUM | CVSS 5.5 | v4.9.10 | 2018-07-27
CVE-2017-2618 [MEDIUM] CWE-193
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.
cvelistv5, nvd
CVE-2017-7558 | HIGH | CVSS 7.5 | PoC | v4.7-rc1 through 4.13 | 2018-07-26
CVE-2017-7558 [MEDIUM] CWE-125
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes o
cvelistv5, nvd
CVE-2018-10872 | MEDIUM | CVSS 5.5 | vn/a | 2018-07-10
CVE-2018-10872 [MEDIUM] CWE-250
A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use th
cvelistv5, nvd
CVE-2009-3624 | MEDIUM | CVSS 4.6 | v2.6.24.7 | v2.6.25.15 | 2009-11-02
CVE-2009-3624 [MEDIUM] CWE-310
The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to this function without specifying a keyring by ID, as demo
nvd
CVE-2009-2844 | HIGH | CVSS 7.8 | v2.6.24.7 | v2.6.25.15 | 2009-08-18
CVE-2009-2844 [HIGH] CWE-399
cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies fu
nvd
CVE-2009-2847 | MEDIUM | CVSS 4.9 | PoC | v2.6.24.7 | v2.6.25.15 | 2009-08-18
The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.
nvd
CVE-2009-2767 | HIGH | CVSS 7.2 | PoC | v2.6.24.7 | v2.6.25.15 | 2009-08-14
CVE-2009-2767 [HIGH] CWE-119
The init_posix_timers function in kernel/posix-timers.c in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW clock_nanosleep call that triggers a NULL pointer dereference.
nvd
CVE-2009-2406 | MEDIUM | CVSS 6.9 | v2.6.24.7 | v2.6.25.15 | 2009-07-31
CVE-2009-2406 [MEDIUM] CWE-119
Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag
nvd
CVE-2009-1389 | HIGH | CVSS 7.8 | v2.6.24.7 | v2.6.25.15 | 2009-06-16
CVE-2009-1389 [HIGH] CWE-119
Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.
nvd
CVE-2009-1385 | HIGH | CVSS 7.8 | v2.6.24.7 | v2.6.25.15 | 2009-06-04
CVE-2009-1385 [HIGH] CWE-189
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.
nvd