Ben Hutchings

8 exploits Active since May 2012
CVE-2012-0207 WRITEUP HIGH WRITEUP
Linux Kernel < 3.2.1 - Denial of Service via IGMP Packet Divide-By-Zero
The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
CVSS 7.5
CVE-2012-0207 WRITEUP HIGH WRITEUP
Linux Kernel < 3.2.1 - Denial of Service via IGMP Packet Divide-By-Zero
The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
CVSS 7.5
CVE-2011-0699 WRITEUP HIGH WRITEUP
Linux Kernel 2.6.37 - Denial of Service via btrfs_ioctl_space_info Integer Signedness Error
Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.
CVSS 7.0
CVE-2017-8068 WRITEUP HIGH WRITEUP
Linux Kernel 4.9.x < 4.9.11 - Denial of Service via DMA Scatterlist Handling
drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
CVSS 7.8
CVE-2017-8069 WRITEUP HIGH WRITEUP
Linux Kernel 4.9.x < 4.9.11 - Denial of Service via DMA Scatterlist Handling
drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
CVSS 7.8
CVE-2017-8070 WRITEUP HIGH WRITEUP
Linux Kernel 4.9.x < 4.9.11 - Denial of Service via DMA Scatterlist Handling
drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.
CVSS 7.8
CVE-2021-31873 WRITEUP CRITICAL WRITEUP
klibc < 2.0.9 - Integer Overflow to Heap Buffer Overflow in malloc
An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.
CVSS 9.8
CVE-2024-34455 WRITEUP HIGH WRITEUP
Buildroot <2024.02.2 - Info Disclosure
Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. A fix was released in 2024.02.2.
CVSS 7.5