linux linux kernel 2.6.36.1 vulnerabilities and exploits

(subscribe to this query)

Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel prior to 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files.

Linux Linux Kernel Linux Linux Kernel 2.6.36.3 Linux Linux Kernel 2.6.36.1 Linux Linux Kernel 2.6.36.2

1 EDB exploit

The orinoco_ioctl_set_auth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel prior to 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote malicious users to obtain access to a Wi-Fi network by reading Wi-Fi frames.

Linux Linux Kernel Linux Linux Kernel 2.6.36.3 Linux Linux Kernel 2.6.36.1 Linux Linux Kernel 2.6.36.2

The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel prior to 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by le...

Linux Linux Kernel Linux Linux Kernel 2.6.36.3 Linux Linux Kernel 2.6.36.1 Linux Linux Kernel 2.6.36.2

Buffer overflow in the fuse_do_ioctl function in fs/fuse/file.c in the Linux kernel prior to 2.6.37 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging the ability to operate a CUSE server.

Linux Linux Kernel Linux Linux Kernel 2.6.36.3 Linux Linux Kernel 2.6.36.1 Linux Linux Kernel 2.6.36.2

The do_task_stat function in fs/proc/array.c in the Linux kernel prior to 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file fo...

net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel prior to 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive infor...

net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel prior to 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive inform...

net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel prior to 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive infor...

Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and previous versions might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value tha...

drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and previous versions does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obt...

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook