Linux : Security Vulnerabilities, CVEs, Published In November 2008
The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.
Max CVSS
6.9
EPSS Score
0.04%
Published
2008-11-21
Updated
2018-10-11
Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response."
Max CVSS
10.0
EPSS Score
8.86%
Published
2008-11-18
Updated
2018-10-03
The chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service (NULL function pointer dereference and OOPS) via unknown vectors.
Max CVSS
7.8
EPSS Score
0.23%
Published
2008-11-10
Updated
2017-08-08
The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2008-11-10
Updated
2018-10-11
Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.
Max CVSS
7.8
EPSS Score
0.23%
Published
2008-11-17
Updated
2017-09-29
The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows attackers to cause a denial of service (system crash) via a crafted hfsplus filesystem image.
Max CVSS
7.8
EPSS Score
0.23%
Published
2008-11-05
Updated
2018-11-02
Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.
Max CVSS
7.8
EPSS Score
0.25%
Published
2008-11-05
Updated
2017-09-29
Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.
Max CVSS
8.3
EPSS Score
5.50%
Published
2008-11-06
Updated
2017-08-08
arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, syscall, and syscall32_nopage functions.
Max CVSS
4.6
EPSS Score
0.04%
Published
2008-11-05
Updated
2023-02-13
9 vulnerabilities found