Product:

Linux_enterprise_software_development_kit

(Suse)
Date Id Summary Products Score Patch Annotated
2009-10-20 CVE-2009-2910 arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode. Ubuntu_linux, Fedora, Linux_kernel, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Virtualization, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-09-03 CVE-2010-2226 The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. Ubuntu_linux, Debian_linux, Linux_kernel, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-09-21 CVE-2010-3067 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. Ubuntu_linux, Debian_linux, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-10-04 CVE-2010-3437 Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call. Ubuntu_linux, Debian_linux, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-10-04 CVE-2010-3442 Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-12-10 CVE-2010-4157 Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call. Fedora, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-12-30 CVE-2010-3848 Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures. Ubuntu_linux, Debian_linux, Linux_kernel, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-12-30 CVE-2010-3849 The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field. Ubuntu_linux, Debian_linux, Linux_kernel, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-12-30 CVE-2010-3850 The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call. Ubuntu_linux, Debian_linux, Linux_kernel, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-12-30 CVE-2010-4158 The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. Fedora, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A