The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature.
Max CVSS
3.8
EPSS Score
0.25%
Published
2013-09-25
Updated
2023-02-13
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
Max CVSS
3.7
EPSS Score
0.04%
Published
1999-01-01
Updated
2022-08-17
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
Max CVSS
3.7
EPSS Score
0.04%
Published
2001-05-03
Updated
2017-10-10
Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow.
Max CVSS
3.7
EPSS Score
0.06%
Published
2005-07-11
Updated
2017-10-11
kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.
Max CVSS
3.7
EPSS Score
0.06%
Published
2013-05-03
Updated
2023-02-13
Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown impact.
Max CVSS
3.6
EPSS Score
0.06%
Published
2001-04-17
Updated
2016-12-08
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact.
Max CVSS
3.6
EPSS Score
0.06%
Published
2001-04-17
Updated
2016-12-08
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall).
Max CVSS
3.6
EPSS Score
0.04%
Published
2002-08-12
Updated
2016-10-18
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.
Max CVSS
3.6
EPSS Score
0.04%
Published
2003-02-19
Updated
2008-09-11
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.
Max CVSS
3.6
EPSS Score
0.36%
Published
2003-06-16
Updated
2017-10-11
Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions.
Max CVSS
3.6
EPSS Score
0.04%
Published
2005-03-07
Updated
2017-10-11
The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.
Max CVSS
3.6
EPSS Score
0.06%
Published
2005-09-14
Updated
2018-10-19
The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers.
Max CVSS
3.6
EPSS Score
0.04%
Published
2005-08-17
Updated
2008-09-05
Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified.
Max CVSS
3.6
EPSS Score
0.04%
Published
2005-12-31
Updated
2018-10-03
madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way that combined two separate issues. The mprotect issue now has a separate name, CVE-2006-2071.
Max CVSS
3.6
EPSS Score
0.15%
Published
2006-04-19
Updated
2017-07-20
VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories.
Max CVSS
3.6
EPSS Score
0.04%
Published
2008-01-15
Updated
2023-02-13
The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.
Max CVSS
3.6
EPSS Score
0.04%
Published
2008-05-12
Updated
2017-08-08
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.
Max CVSS
3.6
EPSS Score
0.05%
Published
2009-03-06
Updated
2020-08-26
The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343.
Max CVSS
3.6
EPSS Score
0.04%
Published
2009-03-06
Updated
2012-03-19
drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347.
Max CVSS
3.6
EPSS Score
0.04%
Published
2012-06-21
Updated
2023-02-13
kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.
Max CVSS
3.6
EPSS Score
0.04%
Published
2013-03-01
Updated
2023-02-13
The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.
Max CVSS
3.6
EPSS Score
0.04%
Published
2013-03-22
Updated
2014-02-07
The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.
Max CVSS
3.6
EPSS Score
0.04%
Published
2013-12-09
Updated
2014-03-06
The net_ctl_permissions function in net/sysctl_net.c in the Linux kernel before 3.11.5 does not properly determine uid and gid values, which allows local users to bypass intended /proc/sys/net restrictions via a crafted application.
Max CVSS
3.6
EPSS Score
0.04%
Published
2013-12-09
Updated
2023-02-13
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename.
Max CVSS
3.6
EPSS Score
0.04%
Published
2015-03-03
Updated
2016-12-24
68 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!