CVE search results

1 – 10 of 137 results

Detailed view

Sort by:

CVE-2008-4395

Low priority

Fixed

Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.

6 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22, linux-ubuntu-modules-2.6.22, linux-ubuntu-modules-2.6.24

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—
linux-ubuntu-modules-2.6.22	—	—	—	—	—
linux-ubuntu-modules-2.6.24	—	—	—	—	—

CVE-2008-3831

Medium priority

Some fixes available 3 of 4

The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM)...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-4445

Low priority

Fixed

The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-4410

Low priority

Not affected

The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3833

Low priority

Not affected

The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3832

Medium priority

Not affected

A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-4302

Low priority

Ignored

fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-4210

Low priority

Some fixes available 1 of 2

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2008-3528

Negligible priority

Ignored

The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—
linux-source-2.6.22	—	—	—	—	—

CVE-2007-0001

Unknown priority

Not affected

The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which does not...

3 affected packages

linux-source-2.6.15, linux-source-2.6.17, linux-source-2.6.20

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux-source-2.6.15	—	—	—	—	—
linux-source-2.6.17	—	—	—	—	—
linux-source-2.6.20	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports