This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Linux First view 2012-06-13
Product Linux Kernel Last view 2013-07-29
Version 2.6.36 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:linux:linux_kernel

Activity : Overall

Related : CVE

  Date Alert Description
4.7 2013-07-29 CVE-2013-4127

Use-after-free vulnerability in the vhost_net_set_backend function in drivers/vhost/net.c in the Linux kernel through 3.10.3 allows local users to cause a denial of service (OOPS and system crash) via vectors involving powering on a virtual machine.

4.9 2013-04-22 CVE-2013-3237

The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

4.9 2013-04-22 CVE-2013-3236

The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

2.1 2012-06-13 CVE-2011-2210

The osf_getsysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform does not properly restrict the data size for GSI_GET_HWRPB operations, which allows local users to obtain sensitive information from kernel memory via a crafted call.

2.1 2012-06-13 CVE-2011-2208

Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.

5 2012-06-13 CVE-2011-1927

The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly construct ICMP_TIME_EXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service (invalid pointer dereference) via crafted fragmented packets.

CWE : Common Weakness Enumeration

%idName
40% (2) CWE-200 Information Exposure
20% (1) CWE-399 Resource Management Errors
20% (1) CWE-264 Permissions, Privileges, and Access Controls
20% (1) CWE-189 Numeric Errors

Open Source Vulnerability Database (OSVDB)

id Description
74682 Linux Kernel osf_getdomainname Arbitrary Local Memory Disclosure
72462 Linux Kernel net/ipv4/ip_fragment.c ip_expire() Function Fragmented Packet Re...

OpenVAS Exploits

id Description
2012-03-09 Name : Ubuntu Update for linux-ti-omap4 USN-1394-1
File : nvt/gb_ubuntu_USN_1394_1.nasl
2012-03-07 Name : Ubuntu Update for linux USN-1379-1
File : nvt/gb_ubuntu_USN_1379_1.nasl
2012-03-07 Name : Ubuntu Update for linux-ti-omap4 USN-1383-1
File : nvt/gb_ubuntu_USN_1383_1.nasl
2012-03-07 Name : Ubuntu Update for linux-lts-backport-maverick USN-1387-1
File : nvt/gb_ubuntu_USN_1387_1.nasl

Nessus® Vulnerability Scanner

id Description
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_4_kernel-110726.nasl - Type: ACT_GATHER_INFO
2013-08-21 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-1935-1.nasl - Type: ACT_GATHER_INFO
2013-08-21 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-1936-1.nasl - Type: ACT_GATHER_INFO
2012-03-08 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-1394-1.nasl - Type: ACT_GATHER_INFO
2012-03-07 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-1383-1.nasl - Type: ACT_GATHER_INFO
2012-03-07 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-1387-1.nasl - Type: ACT_GATHER_INFO
2012-02-29 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-1379-1.nasl - Type: ACT_GATHER_INFO
2011-07-14 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-1167-1.nasl - Type: ACT_GATHER_INFO