Suse

Linux Enterprise Real Time Extension

57 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
1.9

CVE-2010-4078

  • EPSS 0.07%
  • Published 29.11.2010 16:00:03
  • Last modified 11.04.2025 00:51:21

The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via ...

1.9

CVE-2010-4072

  • EPSS 0.1%
  • Published 29.11.2010 16:00:02
  • Last modified 11.04.2025 00:51:21

The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmct...

1.9

CVE-2010-4073

Exploit
  • EPSS 0.24%
  • Published 29.11.2010 16:00:02
  • Last modified 11.04.2025 00:51:21

The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat...

7.2

CVE-2010-2962

  • EPSS 0.12%
  • Published 26.11.2010 19:00:06
  • Last modified 11.04.2025 00:51:21

drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows l...

4.9

CVE-2010-4169

  • EPSS 0.05%
  • Published 22.11.2010 13:00:19
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call.

4.9

CVE-2010-4165

Exploit
  • EPSS 0.27%
  • Published 22.11.2010 13:00:19
  • Last modified 11.04.2025 00:51:21

The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small v...

7.8

CVE-2010-3432

  • EPSS 4.32%
  • Published 22.11.2010 13:00:02
  • Last modified 11.04.2025 00:51:21

The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP ...

4.7

CVE-2010-3442

  • EPSS 0.17%
  • Published 04.10.2010 21:00:04
  • Last modified 11.04.2025 00:51:21

Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a...

6.6

CVE-2010-3437

Exploit
  • EPSS 1.83%
  • Published 04.10.2010 21:00:04
  • Last modified 11.04.2025 00:51:21

Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dere...

2.1

CVE-2010-3298

  • EPSS 0.07%
  • Published 30.09.2010 15:00:02
  • Last modified 11.04.2025 00:51:21

The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIO...