Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
Max CVSS
7.0
EPSS Score
0.04%
Published
2009-11-04
Updated
2024-02-15
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
Max CVSS
7.2
EPSS Score
0.05%
Published
2009-11-20
Updated
2023-02-13
2 vulnerabilities found