Linux : Security Vulnerabilities, CVEs, Published In February 2010
The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem.
Max CVSS
4.9
EPSS Score
0.04%
Published
2010-02-15
Updated
2020-08-14
The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space.
Max CVSS
2.1
EPSS Score
0.04%
Published
2010-02-15
Updated
2018-10-10
The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.
Max CVSS
4.6
EPSS Score
0.04%
Published
2010-02-17
Updated
2023-02-13
drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages.
Max CVSS
4.9
EPSS Score
0.04%
Published
2010-02-22
Updated
2023-02-13
The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure, which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file.
Max CVSS
6.8
EPSS Score
0.35%
Published
2010-02-12
Updated
2023-02-13
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.
Max CVSS
4.7
EPSS Score
0.04%
Published
2010-02-17
Updated
2023-02-13
The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306.
Max CVSS
6.5
EPSS Score
0.23%
Published
2010-02-12
Updated
2017-09-19
The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess."
Max CVSS
4.6
EPSS Score
0.05%
Published
2010-02-15
Updated
2023-02-13
The selinux_parse_skb_ipv6 function in security/selinux/hooks.c in the Linux kernel before 2.6.12-rc4 allows remote attackers to cause a denial of service (OOPS) via vectors associated with an incorrect call to the ipv6_skip_exthdr function.
Max CVSS
7.8
EPSS Score
1.34%
Published
2010-02-26
Updated
2018-10-30
9 vulnerabilities found