CVE-2010-2538
- EPSS 0.38%
- Veröffentlicht 30.09.2010 15:00:01
- Zuletzt bearbeitet 16.06.2026 23:20:56
Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.
CVE-2010-2943
- EPSS 17.01%
- Veröffentlicht 30.09.2010 15:00:01
- Zuletzt bearbeitet 16.06.2026 23:21:48
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assign...
CVE-2010-2478
- EPSS 0.42%
- Veröffentlicht 29.09.2010 17:00:04
- Zuletzt bearbeitet 16.06.2026 23:20:49
Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspecified other impact via an ETHTOOL_GRXCLSRLALL etht...
CVE-2010-2946
- EPSS 0.43%
- Veröffentlicht 29.09.2010 17:00:04
- Zuletzt bearbeitet 16.06.2026 23:21:48
fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy format for storage of extended attributes, which might allow local users by bypass intended xattr namespace restrictions via an "os2." substring at the begin...
CVE-2010-3084
- EPSS 0.43%
- Veröffentlicht 29.09.2010 17:00:04
- Zuletzt bearbeitet 16.06.2026 23:22:05
Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.
CVE-2010-3310
- EPSS 0.41%
- Veröffentlicht 29.09.2010 17:00:04
- Zuletzt bearbeitet 16.06.2026 23:22:33
Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function...
CVE-2010-1772
- EPSS 1.97%
- Veröffentlicht 24.09.2010 19:00:04
- Zuletzt bearbeitet 16.06.2026 23:19:17
Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web ...
CVE-2010-1773
- EPSS 2.15%
- Veröffentlicht 24.09.2010 19:00:04
- Zuletzt bearbeitet 16.06.2026 23:19:17
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory...
CVE-2010-3301
- EPSS 3.82%
- Veröffentlicht 22.09.2010 19:00:03
- Zuletzt bearbeitet 16.06.2026 23:22:32
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users...
CVE-2010-3477
- EPSS 0.4%
- Veröffentlicht 21.09.2010 20:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:51
The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to o...