CVE-2008-2137
- EPSS 0.45%
- Veröffentlicht 29.05.2008 16:32:00
- Zuletzt bearbeitet 16.06.2026 22:53:10
The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span)...
CVE-2008-2136
- EPSS 4.93%
- Veröffentlicht 16.05.2008 12:54:00
- Zuletzt bearbeitet 16.06.2026 22:53:10
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT...
CVE-2008-2148
- EPSS 0.39%
- Veröffentlicht 12.05.2008 21:20:00
- Zuletzt bearbeitet 16.06.2026 22:53:11
The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrar...
CVE-2007-5498
- EPSS 0.34%
- Veröffentlicht 08.05.2008 00:20:00
- Zuletzt bearbeitet 16.06.2026 22:46:16
The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service (host OS crash) via a request that specifie...
CVE-2008-1669
- EPSS 0.41%
- Veröffentlicht 08.05.2008 00:20:00
- Zuletzt bearbeitet 16.06.2026 22:52:12
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."
CVE-2008-1294
- EPSS 0.53%
- Veröffentlicht 02.05.2008 16:05:00
- Zuletzt bearbeitet 16.06.2026 22:51:26
Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits.
CVE-2008-1375
- EPSS 0.31%
- Veröffentlicht 02.05.2008 16:05:00
- Zuletzt bearbeitet 16.06.2026 22:51:36
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
CVE-2008-1675
- EPSS 0.53%
- Veröffentlicht 02.05.2008 16:05:00
- Zuletzt bearbeitet 16.06.2026 22:52:14
The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading...
CVE-2008-1514
- EPSS 0.53%
- Veröffentlicht 26.03.2008 00:44:00
- Zuletzt bearbeitet 16.06.2026 22:51:53
arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions before 2.6.27-rc6, on s390 platforms allows local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which tri...
CVE-2008-0009
- EPSS 0.96%
- Veröffentlicht 12.02.2008 21:00:00
- Zuletzt bearbeitet 16.06.2026 22:48:45
The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.