Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-1577

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-03 May, 2011 | 19:00
Updated At-06 Aug, 2024 | 22:28
Rejected At-
Credits

Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:03 May, 2011 | 19:00
Updated At:06 Aug, 2024 | 22:28
Rejected At:
â–¼CVE Numbering Authority (CNA)

Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/66773
vdb-entry
x_refsource_XF
http://securitytracker.com/id?1025355
vdb-entry
x_refsource_SECTRACK
https://bugzilla.redhat.com/show_bug.cgi?id=695976
x_refsource_CONFIRM
http://openwall.com/lists/oss-security/2011/04/13/1
mailing-list
x_refsource_MLIST
http://www.securityfocus.com/bid/47343
vdb-entry
x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2011-0833.html
vendor-advisory
x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
vendor-advisory
x_refsource_FEDORA
http://securityreason.com/securityalert/8238
third-party-advisory
x_refsource_SREASON
http://www.securityfocus.com/archive/1/517477/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.spinics.net/lists/mm-commits/msg83274.html
mailing-list
x_refsource_MLIST
http://downloads.avaya.com/css/P8/documents/100145416
x_refsource_CONFIRM
http://openwall.com/lists/oss-security/2011/04/12/17
mailing-list
x_refsource_MLIST
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/66773
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://securitytracker.com/id?1025355
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=695976
Resource:
x_refsource_CONFIRM
Hyperlink: http://openwall.com/lists/oss-security/2011/04/13/1
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.securityfocus.com/bid/47343
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://rhn.redhat.com/errata/RHSA-2011-0833.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://securityreason.com/securityalert/8238
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://www.securityfocus.com/archive/1/517477/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.spinics.net/lists/mm-commits/msg83274.html
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://downloads.avaya.com/css/P8/documents/100145416
Resource:
x_refsource_CONFIRM
Hyperlink: http://openwall.com/lists/oss-security/2011/04/12/17
Resource:
mailing-list
x_refsource_MLIST
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/66773
vdb-entry
x_refsource_XF
x_transferred
http://securitytracker.com/id?1025355
vdb-entry
x_refsource_SECTRACK
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=695976
x_refsource_CONFIRM
x_transferred
http://openwall.com/lists/oss-security/2011/04/13/1
mailing-list
x_refsource_MLIST
x_transferred
http://www.securityfocus.com/bid/47343
vdb-entry
x_refsource_BID
x_transferred
http://rhn.redhat.com/errata/RHSA-2011-0833.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://securityreason.com/securityalert/8238
third-party-advisory
x_refsource_SREASON
x_transferred
http://www.securityfocus.com/archive/1/517477/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.spinics.net/lists/mm-commits/msg83274.html
mailing-list
x_refsource_MLIST
x_transferred
http://downloads.avaya.com/css/P8/documents/100145416
x_refsource_CONFIRM
x_transferred
http://openwall.com/lists/oss-security/2011/04/12/17
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/66773
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://securitytracker.com/id?1025355
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=695976
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://openwall.com/lists/oss-security/2011/04/13/1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.securityfocus.com/bid/47343
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2011-0833.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://securityreason.com/securityalert/8238
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/517477/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.spinics.net/lists/mm-commits/msg83274.html
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://downloads.avaya.com/css/P8/documents/100145416
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://openwall.com/lists/oss-security/2011/04/12/17
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:03 May, 2011 | 19:55
Updated At:29 Apr, 2026 | 01:13

Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.9MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 4.9
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CPE Matches

Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions up to 2.6.38(inclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.2
cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.2
cpe:2.3:o:linux:linux_kernel:2.6.2:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.2
cpe:2.3:o:linux:linux_kernel:2.6.2:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.2
cpe:2.3:o:linux:linux_kernel:2.6.2:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.3
cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.3
cpe:2.3:o:linux:linux_kernel:2.6.3:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.3
cpe:2.3:o:linux:linux_kernel:2.6.3:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.3
cpe:2.3:o:linux:linux_kernel:2.6.3:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.3
cpe:2.3:o:linux:linux_kernel:2.6.3:rc4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.4
cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.4
cpe:2.3:o:linux:linux_kernel:2.6.4:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.4
cpe:2.3:o:linux:linux_kernel:2.6.4:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.4
cpe:2.3:o:linux:linux_kernel:2.6.4:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.5
cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.5
cpe:2.3:o:linux:linux_kernel:2.6.5:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.5
cpe:2.3:o:linux:linux_kernel:2.6.5:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.5
cpe:2.3:o:linux:linux_kernel:2.6.5:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.6
cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.6
cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.6
cpe:2.3:o:linux:linux_kernel:2.6.6:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.6
cpe:2.3:o:linux:linux_kernel:2.6.6:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.7
cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.7
cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.7
cpe:2.3:o:linux:linux_kernel:2.6.7:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.7
cpe:2.3:o:linux:linux_kernel:2.6.7:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:rc4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.8.1
cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.9
cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.9
cpe:2.3:o:linux:linux_kernel:2.6.9:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.9
cpe:2.3:o:linux:linux_kernel:2.6.9:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.9
cpe:2.3:o:linux:linux_kernel:2.6.9:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.9
cpe:2.3:o:linux:linux_kernel:2.6.9:rc4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.10
cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.10
cpe:2.3:o:linux:linux_kernel:2.6.10:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.10
cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.10
cpe:2.3:o:linux:linux_kernel:2.6.10:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://downloads.avaya.com/css/P8/documents/100145416secalert@redhat.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.htmlsecalert@redhat.com
N/A
http://openwall.com/lists/oss-security/2011/04/12/17secalert@redhat.com
Patch
http://openwall.com/lists/oss-security/2011/04/13/1secalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2011-0833.htmlsecalert@redhat.com
N/A
http://securityreason.com/securityalert/8238secalert@redhat.com
N/A
http://securitytracker.com/id?1025355secalert@redhat.com
N/A
http://www.securityfocus.com/archive/1/517477/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/47343secalert@redhat.com
N/A
http://www.spinics.net/lists/mm-commits/msg83274.htmlsecalert@redhat.com
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=695976secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/66773secalert@redhat.com
N/A
http://downloads.avaya.com/css/P8/documents/100145416af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://openwall.com/lists/oss-security/2011/04/12/17af854a3a-2127-422b-91ae-364da2661108
Patch
http://openwall.com/lists/oss-security/2011/04/13/1af854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2011-0833.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://securityreason.com/securityalert/8238af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1025355af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/517477/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/47343af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.spinics.net/lists/mm-commits/msg83274.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=695976af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/66773af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://downloads.avaya.com/css/P8/documents/100145416
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://openwall.com/lists/oss-security/2011/04/12/17
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://openwall.com/lists/oss-security/2011/04/13/1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2011-0833.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/8238
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://securitytracker.com/id?1025355
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/517477/100/0/threaded
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/47343
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.spinics.net/lists/mm-commits/msg83274.html
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=695976
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/66773
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://downloads.avaya.com/css/P8/documents/100145416
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://openwall.com/lists/oss-security/2011/04/12/17
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://openwall.com/lists/oss-security/2011/04/13/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2011-0833.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/8238
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1025355
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/517477/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/47343
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.spinics.net/lists/mm-commits/msg83274.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=695976
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/66773
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1011Records found

CVE-2013-4312
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.60% / 44.39%
||
7 Day CHG~0.00%
Published-08 Feb, 2016 | 02:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.

Action-Not Available
Vendor-n/aOracle CorporationLinux Kernel Organization, Inc
Product-linuxlinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-0231
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.44% / 35.34%
||
7 Day CHG~0.00%
Published-13 Feb, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aXen ProjectLinux Kernel Organization, Inc
Product-xenlinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-4086
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.39% / 31.04%
||
7 Day CHG~0.00%
Published-03 Jul, 2012 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-3635
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.53% / 41.03%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 03:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of invalid Register Stack Engine (RSE) state.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-3234
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-1.80% / 75.76%
||
7 Day CHG~0.00%
Published-17 Sep, 2009 | 10:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-5395
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.38% / 29.79%
||
7 Day CHG~0.00%
Published-09 Dec, 2008 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses.

Action-Not Available
Vendor-n/aHP Inc.Linux Kernel Organization, Inc
Product-pa-risclinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-7740
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.62% / 45.17%
||
7 Day CHG~0.00%
Published-07 Mar, 2018 | 08:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationvirtualization_hostenterprise_linux_desktopn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-10940
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.54% / 41.45%
||
7 Day CHG~0.00%
Published-09 May, 2018 | 17:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-1091
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 33.56%
||
7 Day CHG~0.00%
Published-27 Mar, 2018 | 21:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelLinux kernel v4.13 and newer
CWE ID-CWE-391
Unchecked Error Condition
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-10881
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.77% / 50.98%
||
7 Day CHG~0.00%
Published-26 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationenterprise_linux_for_real_time_for_nfventerprise_linux_desktopenterprise_linux_for_real_timekernel
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-1000199
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-1.22% / 65.03%
||
7 Day CHG~0.00%
Published-24 May, 2018 | 13:00
Updated-05 Aug, 2024 | 12:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxenterprise_linux_server_tusenterprise_linux_desktopn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18193
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.38% / 29.92%
||
7 Day CHG-0.01%
Published-22 Feb, 2018 | 15:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-3635
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.24% / 15.26%
||
7 Day CHG~0.00%
Published-13 Aug, 2021 | 13:22
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linuxlinux_kernelfedorakernel
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-15128
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.41% / 33.01%
||
7 Day CHG~0.00%
Published-14 Jan, 2018 | 06:00
Updated-05 Aug, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelenterprise_linuxenterprise_mrgLinux kernel before 4.13.12
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10154
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.45% / 36.19%
||
7 Day CHG~0.00%
Published-06 Feb, 2017 | 06:04
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The smbhash function in fs/cifs/smbencrypt.c in the Linux kernel 4.9.x before 4.9.1 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a scatterlist.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-5400
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.37% / 29.39%
||
7 Day CHG~0.00%
Published-06 Aug, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1333
Matching Score-10
Assigner-Canonical Ltd.
ShareView Details
Matching Score-10
Assigner-Canonical Ltd.
CVSS Score-4.9||MEDIUM
EPSS-0.48% / 37.95%
||
7 Day CHG~0.00%
Published-31 Aug, 2015 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9728
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.45% / 36.11%
||
7 Day CHG~0.00%
Published-31 Aug, 2015 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-4513
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.51% / 39.54%
||
7 Day CHG~0.00%
Published-12 Nov, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-3288
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.44% / 35.20%
||
7 Day CHG~0.00%
Published-22 Sep, 2009 | 10:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD. NOTE: this is only exploitable by users who can open the cdrom device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-0605
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.37% / 28.68%
||
7 Day CHG~0.00%
Published-17 Feb, 2009 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack consumption vulnerability in the do_page_fault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registered Kprobes probe.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7042
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.40% / 31.46%
||
7 Day CHG~0.00%
Published-16 Oct, 2016 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-1592
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.40% / 32.45%
||
7 Day CHG~0.00%
Published-22 Mar, 2007 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-2039
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.46% / 36.45%
||
7 Day CHG~0.00%
Published-28 Feb, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-1874
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.60% / 44.38%
||
7 Day CHG~0.00%
Published-28 Feb, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSE
Product-linux_enterprise_serverubuntu_linuxlinux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2006-0035
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.38% / 29.85%
||
7 Day CHG+0.01%
Published-11 Jan, 2006 | 21:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to cause a denial of service (infinite loop) via a nlmsg_len field of 0.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2005-3783
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.43% / 34.75%
||
7 Day CHG~0.00%
Published-23 Nov, 2005 | 21:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14.2, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, which allows local users to cause a denial of service (crash).

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2013-4220
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.50% / 38.84%
||
7 Day CHG~0.00%
Published-25 Aug, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The bad_mode function in arch/arm64/kernel/traps.c in the Linux kernel before 3.9.5 on the ARM64 platform allows local users to cause a denial of service (system crash) via vectors involving an attempted register access that triggers an unexpected value in the Exception Syndrome Register (ESR).

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2013-2232
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.56% / 42.28%
||
7 Day CHG~0.00%
Published-04 Jul, 2013 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-2128
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.37% / 28.74%
||
7 Day CHG~0.00%
Published-07 Jun, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2013-0290
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.40% / 32.17%
||
7 Day CHG~0.00%
Published-19 Feb, 2013 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0190
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.37% / 28.56%
||
7 Day CHG~0.00%
Published-13 Feb, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-6657
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.53% / 40.90%
||
7 Day CHG~0.00%
Published-28 Sep, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNovell
Product-suse_linux_enterprise_serverlinux_kerneln/a
CVE-2012-5532
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.41% / 32.65%
||
7 Day CHG~0.00%
Published-27 Dec, 2012 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2012-4398
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.41% / 32.88%
||
7 Day CHG~0.00%
Published-18 Feb, 2013 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2006-6057
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.49% / 38.50%
||
7 Day CHG~0.00%
Published-22 Nov, 2006 | 01:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on Fedora Core 6 and possibly other operating systems, allows local users to cause a denial of service (crash) via a malformed gfs2 file stream that triggers a NULL pointer dereference in the init_journal function.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2012-3375
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-1.02% / 59.19%
||
7 Day CHG~0.00%
Published-03 Oct, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2006-5754
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.40% / 31.48%
||
7 Day CHG~0.00%
Published-30 Jan, 2007 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2017-17862
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.44% / 35.10%
||
7 Day CHG~0.00%
Published-23 Dec, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-2384
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.36% / 27.76%
||
7 Day CHG~0.00%
Published-13 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2012-2121
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.41% / 33.20%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2012-2383
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.46% / 36.57%
||
7 Day CHG~0.00%
Published-13 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2012-1146
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.52% / 40.36%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events.

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncSUSE
Product-linux_enterprise_desktoplinux_enterprise_high_availability_extensionlinux_enterprise_serverfedoralinux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2012-1090
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 32.02%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, IncSUSE
Product-linux_enterprise_desktoplinux_enterprise_high_availability_extensionlinux_enterprise_serverenterprise_mrglinux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-0038
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 31.95%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2012-0879
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.47% / 37.15%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSEDebian GNU/Linux
Product-debian_linuxubuntu_linuxlinux_enterprise_desktoplinux_enterprise_high_availability_extensionlinux_enterprise_serverlinux_kerneln/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2012-0058
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.38% / 29.58%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kiocb_batch_free function in fs/aio.c in the Linux kernel before 3.2.2 allows local users to cause a denial of service (OOPS) via vectors that trigger incorrect iocb management.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-17351
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.41% / 32.73%
||
7 Day CHG~0.00%
Published-08 Oct, 2019 | 00:00
Updated-05 Aug, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncXen Project
Product-xenlinux_kerneln/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2011-4621
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.44% / 35.40%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2011-4611
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.40% / 31.67%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhandled performance monitor exception) via vectors that trigger certain outcomes of performance events.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 20
  • 21
  • Next
Details not found