Oval Definition:oval:org.mitre.oval:tst:31661
Comment:kernel-devel is earlier than 0:2.6.9-5.0.5.EL
Type:rpminfo_testNamespace:linux
Check_Existence:at_least_one_existsCheck:at least one
State Operator:AND
References
Object:oval:org.mitre.oval:obj:13732
State:oval:org.mitre.oval:ste:8986
Referencing Definitions
Definition IDClassTitleLast Modified
oval:org.mitre.oval:def:8994
V
Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context.
2013-04-29
oval:org.mitre.oval:def:9040
V
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
2013-04-29
oval:org.mitre.oval:def:9307
V
Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem.
2013-04-29
oval:org.mitre.oval:def:9460
V
Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions.
2013-04-29
oval:org.mitre.oval:def:9487
V
The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route.
2013-04-29
oval:org.mitre.oval:def:9562
V
Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.
2013-04-29
oval:org.mitre.oval:def:9870
V
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
2013-04-29
oval:org.mitre.oval:def:10095
V
The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.
2013-04-29
oval:org.mitre.oval:def:10275
V
The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761.
2013-04-29
oval:org.mitre.oval:def:10336
V
The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761.
2013-04-29
oval:org.mitre.oval:def:10400
V
The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address.
2013-04-29
oval:org.mitre.oval:def:10431
V
Race condition in the Radeon DRI driver for Linux kernel 2.6.8.1 allows local users with DRI privileges to execute arbitrary code as root.
2013-04-29
oval:org.mitre.oval:def:10640
V
The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer.
2013-04-29
oval:org.mitre.oval:def:10753
V
The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.
2013-04-29
oval:org.mitre.oval:def:10867
V
Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file.
2013-04-29
oval:org.mitre.oval:def:10960
V
Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.
2013-04-29
oval:org.mitre.oval:def:11001
V
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
2013-04-29
oval:org.mitre.oval:def:11719
V
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
2013-04-29
BACK