Product:

Linux_enterprise_real_time_extension

(Suse)
Repositories https://github.com/torvalds/linux
#Vulnerabilities 58
Date Id Summary Products Score Patch Annotated
2010-12-22 CVE-2010-4347 The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACPI interpreter tables, related to the acpi_debugfs_init function in drivers/acpi/debugfs.c. Linux_kernel, Opensuse, Linux_enterprise_real_time_extension N/A
2010-12-29 CVE-2010-3874 Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service (memory corruption) via a connect operation. Debian_linux, Fedora, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server N/A
2010-12-30 CVE-2010-3848 Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures. Ubuntu_linux, Debian_linux, Linux_kernel, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-12-30 CVE-2010-3849 The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field. Ubuntu_linux, Debian_linux, Linux_kernel, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-12-30 CVE-2010-3850 The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call. Ubuntu_linux, Debian_linux, Linux_kernel, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-12-30 CVE-2010-4158 The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. Fedora, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2010-12-30 CVE-2010-4258 The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call. Fedora, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2011-01-03 CVE-2010-3876 net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures. Debian_linux, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2011-01-03 CVE-2010-4162 Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device. Fedora, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2011-01-03 CVE-2010-4163 The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device. Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_real_time_extension, Linux_enterprise_server N/A