Suse

Linux Enterprise High Availability Extension

27 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2014-2706

Exploit
  • EPSS 3.1%
  • Veröffentlicht 14.04.2014 23:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related...

5

CVE-2014-2324

Exploit
  • EPSS 73.45%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.

9.8

CVE-2014-2323

Exploit
  • EPSS 92.39%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.

7.2

CVE-2013-3301

Exploit
  • EPSS 0.34%
  • Veröffentlicht 29.04.2013 14:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write acce...

5.5

CVE-2012-1146

Exploit
  • EPSS 0.1%
  • Veröffentlicht 17.05.2012 11:00:37
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer de...

7.8

CVE-2012-1097

  • EPSS 0.12%
  • Veröffentlicht 17.05.2012 11:00:37
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other...

5.5

CVE-2012-1090

  • EPSS 0.06%
  • Veröffentlicht 17.05.2012 11:00:37
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

5.5

CVE-2012-0879

  • EPSS 0.06%
  • Veröffentlicht 17.05.2012 11:00:36
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context...

7.2

CVE-2010-3865

  • EPSS 0.07%
  • Veröffentlicht 11.01.2011 03:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request,...

5.5

CVE-2010-3079

  • EPSS 0.12%
  • Veröffentlicht 30.09.2010 15:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference a...