CVE-2009-1961
- EPSS 0.59%
- Veröffentlicht 08.06.2009 01:00:00
- Zuletzt bearbeitet 16.06.2026 23:08:27
The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of ...
CVE-2009-1962
- EPSS 0.33%
- Veröffentlicht 08.06.2009 01:00:00
- Zuletzt bearbeitet 16.06.2026 23:08:27
Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7) xfig-print[PID], (...
CVE-2009-1633
- EPSS 3.03%
- Veröffentlicht 28.05.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:41
Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to U...
CVE-2009-1630
- EPSS 0.49%
- Veröffentlicht 14.05.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:40
The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass pe...
CVE-2009-1573
- EPSS 0.46%
- Veröffentlicht 06.05.2009 17:30:09
- Zuletzt bearbeitet 16.06.2026 23:07:33
xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments.
CVE-2009-1185
- EPSS 81.53%
- Veröffentlicht 17.04.2009 14:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:41
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
CVE-2009-1186
- EPSS 0.54%
- Veröffentlicht 17.04.2009 14:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:41
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.
CVE-2009-0946
- EPSS 8.54%
- Veröffentlicht 17.04.2009 00:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:10
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
CVE-2009-1270
- EPSS 5.07%
- Veröffentlicht 08.04.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:54
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang.
CVE-2009-1242
- EPSS 0.47%
- Veröffentlicht 06.04.2009 14:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:50
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode e...