| Definition ID | Class | Title | Last Modified |
|---|
| oval:org.mitre.oval:def:9748 | V | The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information. | 2013-04-29 |
| oval:org.mitre.oval:def:10495 | V | xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied. | 2013-04-29 |
| oval:org.mitre.oval:def:10785 | V | inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables". | 2013-04-29 |
| oval:org.mitre.oval:def:11536 | V | Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client. | 2013-04-29 |