Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical selinux vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2011-3151
The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem.
Canonical Selinux
7.1
CVSSv2
CVE-2009-1633
Multiple buffer overflows in the cifs subsystem in the Linux kernel prior to 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment...
Linux Linux Kernel
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
2.1
CVSSv2
CVE-2020-12768
An issue exists in the Linux kernel prior to 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot, the size is negligible, and it can't be triggered at will
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Debian Debian Linux 10.0
4.9
CVSSv2
CVE-2009-1072
nfsd in the Linux kernel prior to 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.
Linux Linux Kernel
Opensuse Opensuse 11.1
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Vmware Vcenter Server 4.0
Vmware Virtualcenter 2.0.2
Vmware Virtualcenter 2.5
Vmware Server 2.0.0
Vmware Esx 3.5
Vmware Esx 4.0
Vmware Esx 3.0.3
Vmware Vma 4.0
3.6
CVSSv2
CVE-2020-11565
An issue exists in the Linux kernel up to and including 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that ...
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
4.3
CVSSv2
CVE-2020-10711
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions prior to 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_net...
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Virtualization Host 4.0
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Aus 7.4
Redhat Enterprise Linux 8.0
Redhat Messaging Realtime Grid 2.0
Redhat 3scale 2.0
Redhat Openstack 13
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
2.1
CVSSv2
CVE-2020-11494
An issue exists in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 up to and including 5.6.2. It allows malicious users to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT...
Linux Linux Kernel
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
4.9
CVSSv2
CVE-2020-11608
An issue exists in the Linux kernel prior to 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
4.9
CVSSv2
CVE-2020-11609
An issue exists in the stv06xx subsystem in the Linux kernel prior to 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
4.4
CVSSv2
CVE-2009-1630
The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and previous versions, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execut...
Linux Linux Kernel
Opensuse Opensuse 11.0
Opensuse Opensuse 11.1
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.04
Vmware Esx 2.5.5
Vmware Esx 3.0.3
Vmware Esx 3.5
Vmware Esx 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »