Filtered by vendor Linux Subscriptions
Filtered by product Linux Kernel Subscriptions
Total 8075 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-2898 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 5.5 Medium
net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application.
CVE-2011-2887 2 Ibm, Linux 2 Lotus Symphony, Linux Kernel 2024-11-21 N/A
IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to cause a denial of service (application crash) via a certain sample document.
CVE-2011-2839 2 Google, Linux 2 Chrome, Linux Kernel 2024-11-21 N/A
The PDF implementation in Google Chrome before 13.0.782.215 on Linux does not properly use the memset library function, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-2837 2 Google, Linux 2 Chrome, Linux Kernel 2024-11-21 N/A
Google Chrome before 14.0.835.163 on Linux does not use the PIC and PIE compiler options for position-independent code, which has unspecified impact and attack vectors.
CVE-2011-2782 2 Google, Linux 2 Chrome, Linux Kernel 2024-11-21 N/A
The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly enforce permissions for files, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2011-2729 3 Apache, Linux, Redhat 4 Apache Commons Daemon, Tomcat, Linux Kernel and 1 more 2024-11-21 N/A
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
CVE-2011-2723 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic.
CVE-2011-2707 1 Linux 1 Linux Kernel 2024-11-21 6.0 Medium
The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.
CVE-2011-2700 1 Linux 1 Linux Kernel 2024-11-21 N/A
Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls operation with a (1) V4L2_CID_RDS_TX_PS_NAME or (2) V4L2_CID_RDS_TX_RADIO_TEXT control ID.
CVE-2011-2699 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2024-11-21 7.5 High
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
CVE-2011-2695 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer.
CVE-2011-2689 2 Linux, Redhat 5 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-11-21 N/A
The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space.
CVE-2011-2534 1 Linux 1 Linux Kernel 2024-11-21 7.8 High
Buffer overflow in the clusterip_proc_write function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux kernel before 2.6.39 might allow local users to cause a denial of service or have unspecified other impact via a crafted write operation, related to string data that lacks a terminating '\0' character.
CVE-2011-2525 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 7.8 High
The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call.
CVE-2011-2521 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 N/A
The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c in the Performance Events subsystem in the Linux kernel before 2.6.39 does not properly calculate counter values, which allows local users to cause a denial of service (panic) via the perf program.
CVE-2011-2518 1 Linux 1 Linux Kernel 2024-11-21 N/A
The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other impact via a NULL value for the device name.
CVE-2011-2517 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 4 more 2024-11-21 N/A
Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value.
CVE-2011-2498 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2024-11-21 5.5 Medium
The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.
CVE-2011-2497 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the command header of a Logical Link Control and Adaptation Protocol (L2CAP) configuration request, leading to a buffer overflow.
CVE-2011-2496 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping.