Max CVSS 7.8 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2009-1192 4.9
The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows
13-02-2023 - 01:17 24-04-2009 - 15:30
CVE-2009-1072 4.9
nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash o
02-09-2020 - 16:01 25-03-2009 - 01:30
CVE-2009-1242 4.9
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode e
27-08-2020 - 16:43 06-04-2009 - 14:30
CVE-2009-0834 3.6
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass
26-08-2020 - 12:57 06-03-2009 - 11:30
CVE-2009-0028 2.1
The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting thi
11-10-2018 - 20:58 27-02-2009 - 17:30
CVE-2009-1439 7.8
Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.
10-10-2018 - 19:36 27-04-2009 - 18:00
CVE-2009-1337 4.4
The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies
10-10-2018 - 19:36 22-04-2009 - 15:30
CVE-2009-1338 4.6
The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary
10-10-2018 - 19:36 22-04-2009 - 15:30
CVE-2009-0859 4.7
The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_IN
17-08-2017 - 01:30 09-03-2009 - 21:30
CVE-2009-1046 4.7
The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a sma
31-05-2016 - 15:08 23-03-2009 - 16:30
CVE-2009-1265 5.0
Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.
23-03-2012 - 04:00 08-04-2009 - 01:30
CVE-2009-1184 4.4
The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (
19-03-2012 - 04:00 05-05-2009 - 20:30
CVE-2009-0835 3.6
The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2)
19-03-2012 - 04:00 06-03-2009 - 11:30
Back to Top Mark selected
Back to Top