Filtered by vendor Linux Subscriptions
Total 8118 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-4120 3 Debian, Linux, Yubico 3 Debian Linux, Linux Kernel, Pam Module 2024-11-21 9.8 Critical
Yubico PAM Module before 2.10 performed user authentication when 'use_first_pass' PAM configuration option was not used and the module was configured as 'sufficient' in the PAM configuration. A remote attacker could use this flaw to circumvent common authentication process and obtain access to the account in question by providing a NULL value (pressing Ctrl-D keyboard sequence) as the password string.
CVE-2011-4112 2 Avaya, Linux 13 9608, 9608 Firmware, 9608g and 10 more 2024-11-21 5.5 Medium
The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction with a bridge device for a VLAN interface.
CVE-2011-4110 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2024-11-21 N/A
The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."
CVE-2011-4098 1 Linux 1 Linux Kernel 2024-11-21 N/A
The fallocate implementation in the GFS2 filesystem in the Linux kernel before 3.2 relies on the page cache, which might allow local users to cause a denial of service by preallocating blocks in certain situations involving insufficient memory.
CVE-2011-4097 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 5.5 Medium
Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory.
CVE-2011-4087 1 Linux 1 Linux Kernel 2024-11-21 7.5 High
The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an Ethernet bridge device.
CVE-2011-4086 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal.
CVE-2011-4081 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 5.5 Medium
crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket.
CVE-2011-4080 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 N/A
The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAP_SYS_ADMIN capability to modify the dmesg_restrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as demonstrated by a root user in a Linux Containers (aka LXC) environment.
CVE-2011-4077 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.
CVE-2011-3638 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Eus 2024-11-21 N/A
fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modified extent as dirty in certain cases of extent splitting, which allows local users to cause a denial of service (system crash) via vectors involving ext4 umount and mount operations.
CVE-2011-3637 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 5.5 Medium
The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error.
CVE-2011-3619 1 Linux 1 Linux Kernel 2024-11-21 N/A
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by writing to a /proc/#####/attr/current file.
CVE-2011-3593 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 N/A
A certain Red Hat patch to the vlan_hwaccel_do_receive function in net/8021q/vlan_core.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows remote attackers to cause a denial of service (system crash) via priority-tagged VLAN frames.
CVE-2011-3363 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 6.5 Medium
The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share.
CVE-2011-3359 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 7.5 High
The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system crash) via a crafted frame.
CVE-2011-3355 2 Gnome, Linux 2 Evolution-data-server3, Linux Kernel 2024-11-21 7.3 High
evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim.
CVE-2011-3353 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 5.5 Medium
Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the ability to mount a FUSE filesystem.
CVE-2011-3209 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more 2024-11-21 N/A
The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call.
CVE-2011-3191 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 8.8 High
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.