CVE search results

11 – 20 of 137 results

Detailed view

Sort by:

CVE-2008-4113

Low priority

Fixed

The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3915

Low priority

Some fixes available 2 of 3

Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3911

Low priority

Not affected

The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based buffer and have unspecified...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2007-6716

Low priority

Some fixes available 2 of 3

fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3901

Negligible priority

Ignored

Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3792

Low priority

Fixed

net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3525

Low priority

Some fixes available 3 of 4

The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE,...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3526

Medium priority

Fixed

Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3276

Medium priority

Some fixes available 2 of 3

Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3686

Medium priority

Not affected

The rt6_fill_node function in net/ipv6/route.c in Linux kernel 2.6.26-rc4, 2.6.26.2, and possibly other 2.6.26 versions, allows local users to cause a denial of service (kernel OOPS) via IPv6 requests when no IPv6 input device is...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports