CVE search results

51 – 60 of 146 results

Detailed view

Sort by:

CVE-2008-4410

Low priority

Not affected

The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3833

Low priority

Not affected

The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3832

Medium priority

Not affected

A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-4302

Low priority

Ignored

fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-4210

Low priority

Some fixes available 1 of 2

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3528

Negligible priority

Ignored

The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-4113

Low priority

Fixed

The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3915

Low priority

Some fixes available 2 of 3

Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3911

Low priority

Not affected

The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based buffer and have unspecified...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2007-6716

Low priority

Some fixes available 2 of 3

fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports