Filtered by vendor Linux
Subscriptions
Total
16909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4326 | 3 Avaya, Linux, Redhat | 5 96x1 Ip Deskphone, 96x1 Ip Deskphone Firmware, Linux Kernel and 2 more | 2025-04-11 | N/A |
| The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device. | ||||
| CVE-2010-0741 | 4 Kvm Qumranet, Linux, Qemu and 1 more | 5 Kvm, Linux Kernel, Qemu and 2 more | 2025-04-11 | N/A |
| The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO). | ||||
| CVE-2011-4097 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | 5.5 Medium |
| Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory. | ||||
| CVE-2013-1957 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The clone_mnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNT_READONLY flag, which allows local users to bypass an intended read-only property of a filesystem by leveraging a separate mount namespace. | ||||
| CVE-2011-1171 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-11 | N/A |
| net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process. | ||||
| CVE-2010-4111 | 3 Hp, Linux, Microsoft | 3 Insight Diagnostics, Linux Kernel, Windows | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-7026 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted application that uses shmctl IPC_RMID operations in conjunction with other shm system calls. | ||||
| CVE-2013-2930 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-11 | N/A |
| The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. | ||||
| CVE-2012-5517 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | N/A |
| The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator. | ||||
| CVE-2013-0871 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-11 | N/A |
| Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death. | ||||
| CVE-2013-1379 | 8 Adobe, Apple, Google and 5 more | 10 Adobe Air, Adobe Air Sdk, Flash Player and 7 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2013-2017 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | N/A |
| The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error. | ||||
| CVE-2010-0006 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567. | ||||
| CVE-2013-1763 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-11 | N/A |
| Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message. | ||||
| CVE-2011-1082 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-11 | N/A |
| fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. | ||||
| CVE-2011-1083 | 3 Linux, Redhat, Suse | 9 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-11 | N/A |
| The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. | ||||
| CVE-2013-3223 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | ||||
| CVE-2013-2850 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-11 | N/A |
| Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet. | ||||
| CVE-2013-2015 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | N/A |
| The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable media, as demonstrated by the e2fsprogs tests/f_orphan_extents_inode/image.gz test. | ||||
| CVE-2013-1792 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | N/A |
| Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads. | ||||