| Max CVSS | 7.8 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-3528 | 2.1 |
The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically prox
|
13-02-2023 - 02:19 | 27-09-2008 - 10:30 | |
| CVE-2008-3525 | 7.2 |
The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMAN
|
13-02-2023 - 02:19 | 03-09-2008 - 14:12 | |
| CVE-2008-3526 | 7.8 |
Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (pan
|
13-02-2023 - 02:19 | 27-08-2008 - 20:41 | |
| CVE-2008-4113 | 4.7 |
The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit
|
11-10-2018 - 20:50 | 16-09-2008 - 23:00 | |
| CVE-2008-3792 | 7.1 |
net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to
|
11-10-2018 - 20:49 | 03-09-2008 - 14:12 | |
| CVE-2008-4576 | 7.8 |
sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the O
|
29-09-2017 - 01:32 | 15-10-2008 - 20:07 | |
| CVE-2008-4410 | 4.9 |
The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persis
|
08-08-2017 - 01:32 | 03-10-2008 - 17:41 | |
| CVE-2008-3911 | 7.2 |
The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based buffer and have unspecified other impact via a cra
|
08-08-2017 - 01:32 | 04-09-2008 - 17:41 | |
| CVE-2008-4445 | 4.7 |
The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within
|
30-10-2012 - 03:17 | 06-10-2008 - 19:54 | |
| CVE-2008-4618 | 7.8 |
The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via
|
19-03-2012 - 04:00 | 21-10-2008 - 00:10 |