Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_kernel
(Linux)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/mjg59/linux • https://github.com/stoth68000/media-tree • https://github.com/acpica/acpica • https://github.com/derrekr/android_security |
| #Vulnerabilities | 4915 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-09-21 | CVE-2010-3078 | The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. | Ubuntu_linux, Linux_kernel, Opensuse, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Esx | 5.5 | ||
| 2010-09-21 | CVE-2010-3080 | Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device. | Ubuntu_linux, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server | N/A | ||
| 2010-09-24 | CVE-2010-3081 | The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010. | Linux_kernel, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Esx | 7.8 | ||
| 2010-09-29 | CVE-2010-2478 | Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspecified other impact via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value that triggers a buffer overflow, a different vulnerability than CVE-2010-3084. | Ubuntu_linux, Linux_kernel, Linux_enterprise_desktop, Linux_enterprise_server | N/A | ||
| 2010-09-29 | CVE-2010-2946 | fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy format for storage of extended attributes, which might allow local users by bypass intended xattr namespace restrictions via an "os2." substring at the beginning of a name. | Ubuntu_linux, Linux_kernel | N/A | ||
| 2010-09-29 | CVE-2010-3084 | Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command. | Ubuntu_linux, Linux_kernel | N/A | ||
| 2010-09-29 | CVE-2010-3310 | Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function call, related to the rose_bind and rose_connect functions. | Ubuntu_linux, Debian_linux, Linux_kernel | N/A | ||
| 2010-09-30 | CVE-2010-2537 | The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor. | Ubuntu_linux, Linux_kernel, Linux_enterprise_high_availability_extension, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server | 7.1 | ||
| 2010-09-30 | CVE-2010-2538 | Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call. | Ubuntu_linux, Linux_kernel, Linux_enterprise_desktop, Linux_enterprise_high_availability_extension, Linux_enterprise_server | 5.5 | ||
| 2010-09-30 | CVE-2010-2943 | The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle. | Aura_communication_manager, Aura_presence_services, Aura_session_manager, Aura_system_manager, Aura_system_platform, Aura_voice_portal, Iq, Ubuntu_linux, Linux_kernel, Esx | 8.1 |