Show filters
81 Total Results
Displaying 71-80 of 81
Sort by:
Attacker Value
Unknown
CVE-2008-4576
Disclosure Date: October 15, 2008 (last updated October 04, 2023)
sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires.
0
Attacker Value
Unknown
CVE-2008-4554
Disclosure Date: October 15, 2008 (last updated October 04, 2023)
The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.
0
Attacker Value
Unknown
CVE-2008-4445
Disclosure Date: October 06, 2008 (last updated October 04, 2023)
The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function, a different vulnerability than CVE-2008-4113.
0
Attacker Value
Unknown
CVE-2008-4113
Disclosure Date: September 16, 2008 (last updated October 04, 2023)
The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function.
0
Attacker Value
Unknown
CVE-2008-3915
Disclosure Date: September 11, 2008 (last updated October 04, 2023)
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.
0
Attacker Value
Unknown
CVE-2008-3526
Disclosure Date: August 27, 2008 (last updated October 04, 2023)
Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.
0
Attacker Value
Unknown
CVE-2008-3276
Disclosure Date: August 18, 2008 (last updated October 04, 2023)
Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field.
0
Attacker Value
Unknown
CVE-2008-2750
Disclosure Date: June 18, 2008 (last updated October 04, 2023)
The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash) and possibly have unspecified other impact via a crafted PPPOL2TP packet that results in a large value for a certain length variable.
0
Attacker Value
Unknown
CVE-2008-1669
Disclosure Date: May 08, 2008 (last updated October 04, 2023)
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."
0
Attacker Value
Unknown
CVE-2008-1675
Disclosure Date: May 02, 2008 (last updated October 04, 2023)
The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.
0