CVE-2010-3858
- EPSS 0.91%
- Veröffentlicht 30.11.2010 21:38:23
- Zuletzt bearbeitet 16.06.2026 23:23:41
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit pl...
CVE-2010-4078
- EPSS 0.38%
- Veröffentlicht 29.11.2010 16:00:03
- Zuletzt bearbeitet 16.06.2026 23:24:06
The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via ...
CVE-2010-4079
- EPSS 0.38%
- Veröffentlicht 29.11.2010 16:00:03
- Zuletzt bearbeitet 16.06.2026 23:24:06
The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memor...
CVE-2010-4072
- EPSS 0.38%
- Veröffentlicht 29.11.2010 16:00:02
- Zuletzt bearbeitet 16.06.2026 23:24:04
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmct...
CVE-2010-4073
- EPSS 1.54%
- Veröffentlicht 29.11.2010 16:00:02
- Zuletzt bearbeitet 16.06.2026 23:24:05
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat...
CVE-2010-4074
- EPSS 0.38%
- Veröffentlicht 29.11.2010 16:00:02
- Zuletzt bearbeitet 16.06.2026 23:24:05
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl cal...
CVE-2010-3705
- EPSS 2.02%
- Veröffentlicht 26.11.2010 20:00:02
- Zuletzt bearbeitet 16.06.2026 23:23:22
The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a cr...
CVE-2010-2963
- EPSS 0.82%
- Veröffentlicht 26.11.2010 19:00:06
- Zuletzt bearbeitet 16.06.2026 23:21:50
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kerne...
CVE-2010-3432
- EPSS 5.54%
- Veröffentlicht 22.11.2010 13:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:45
The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP ...
CVE-2010-4008
- EPSS 3.13%
- Veröffentlicht 17.11.2010 01:00:02
- Zuletzt bearbeitet 16.06.2026 23:23:58
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to ca...