Ingo Molnar

7 exploits, active since Nov 2009
CVE-2023-5717 NOMISEC HIGH STUB
Linux Kernel 3.2.95-3.2.99 - Heap Out-of-bounds Write in Performance Events Component
A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer. We recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.
CVSS 7.8
CVE-2011-2918 WRITEUP MEDIUM WRITEUP
Linux Kernel < 3.1 - Denial of Service via Performance Events Subsystem
The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.
CVSS 5.5
CVE-2013-0268 WRITEUP WRITEUP
Linux Kernel < 3.7.6 - Local Privilege Escalation via MSR Device Access
The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.
CVE-2015-2672 WRITEUP MEDIUM WRITEUP
Linux Kernel < 3.19.1 - Denial of Service via xsave/xrstor Instruction Faulting
The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cause a denial of service (panic) by triggering a fault, as demonstrated by an unaligned memory operand or a non-canonical address memory operand.
CVSS 5.5
CVE-2018-20784 WRITEUP CRITICAL WRITEUP
Linux Kernel < 4.20.2 - Denial of Service via Infinite Loop in update_blocked_averages
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
CVSS 9.8
EIP-2026-103353 EXPLOITDB c WORKING POC
Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak
CVE-2009-3547 EXPLOITDB HIGH c WORKING POC
Linux Kernel < 2.6.32-rc6 - Race Condition in Pipe Handling via /proc/*/fd/ Pathname
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
CVSS 7.0