Search CVE reports
331 – 340 of 579 results
CVE-2008-3915
Low prioritySome fixes available 2 of 3
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.
4 affected packages
linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-source-2.6.15 | — | — | — | — | — |
linux-source-2.6.20 | — | — | — | — | — |
linux-source-2.6.22 | — | — | — | — | — |
CVE-2008-3911
Low priorityThe proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based buffer and have unspecified...
4 affected packages
linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-source-2.6.15 | — | — | — | — | — |
linux-source-2.6.20 | — | — | — | — | — |
linux-source-2.6.22 | — | — | — | — | — |
CVE-2007-6716
Low prioritySome fixes available 2 of 3
fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.
4 affected packages
linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-source-2.6.15 | — | — | — | — | — |
linux-source-2.6.20 | — | — | — | — | — |
linux-source-2.6.22 | — | — | — | — | — |
CVE-2008-3901
Negligible prioritySoftware suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain...
4 affected packages
linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-source-2.6.15 | — | — | — | — | — |
linux-source-2.6.20 | — | — | — | — | — |
linux-source-2.6.22 | — | — | — | — | — |
CVE-2008-3792
Low prioritynet/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which...
4 affected packages
linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-source-2.6.15 | — | — | — | — | — |
linux-source-2.6.20 | — | — | — | — | — |
linux-source-2.6.22 | — | — | — | — | — |
CVE-2008-3525
Low prioritySome fixes available 3 of 4
The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE,...
4 affected packages
linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-source-2.6.15 | — | — | — | — | — |
linux-source-2.6.20 | — | — | — | — | — |
linux-source-2.6.22 | — | — | — | — | — |
CVE-2008-3526
Medium priorityInteger overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a...
4 affected packages
linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-source-2.6.15 | — | — | — | — | — |
linux-source-2.6.20 | — | — | — | — | — |
linux-source-2.6.22 | — | — | — | — | — |
CVE-2008-3276
Medium prioritySome fixes available 2 of 3
Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of...
4 affected packages
linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-source-2.6.15 | — | — | — | — | — |
linux-source-2.6.20 | — | — | — | — | — |
linux-source-2.6.22 | — | — | — | — | — |
CVE-2008-3686
Medium priorityThe rt6_fill_node function in net/ipv6/route.c in Linux kernel 2.6.26-rc4, 2.6.26.2, and possibly other 2.6.26 versions, allows local users to cause a denial of service (kernel OOPS) via IPv6 requests when no IPv6 input device is...
4 affected packages
linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-source-2.6.15 | — | — | — | — | — |
linux-source-2.6.20 | — | — | — | — | — |
linux-source-2.6.22 | — | — | — | — | — |
CVE-2008-3275
Medium priorityThe (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local...
4 affected packages
linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-source-2.6.15 | — | — | — | — | — |
linux-source-2.6.20 | — | — | — | — | — |
linux-source-2.6.22 | — | — | — | — | — |