| Definition ID | Class | Title | Last Modified |
|---|
| oval:org.mitre.oval:def:9709 | V | VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories. | 2013-04-29 |
| oval:org.mitre.oval:def:9840 | V | The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations. | 2013-04-29 |
| oval:org.mitre.oval:def:9901 | V | Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function. | 2013-04-29 |
| oval:org.mitre.oval:def:10719 | V | The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information. | 2013-04-29 |
| oval:org.mitre.oval:def:11233 | V | The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a null pointer to an inode in a dentry. | 2013-04-29 |