Linux Kernel CVE Statistics
11 Linux Kernel CVEs in September 2008
Full month · Source: NIST NVD
In September 2008, 11 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 4 were rated High severity and 4 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. September's 11 CVEs represent 14% of all 2008 Linux kernel CVEs , up from August's 8 (a 38% month-over-month increase) .
11
Total CVEs
0
Critical
4
High
4
Medium
3
Low
0
KEV Exploited
All CVEs — September 2008
11 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2008-3915 | linux | High | 9.3 | 2008-09-11 | Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an … | |
| CVE-2008-3911 | linux | High | 7.2 | 2008-09-04 | The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain bu… | |
| CVE-2008-3525 | linux | High | 7.2 | 2008-09-03 | The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for … | |
| CVE-2008-3792 | linux | High | 7.1 | 2008-09-03 | net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4… | |
| CVE-2008-4302 | linux | Medium | 5.5 | 2008-09-29 | fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_t… | |
| CVE-2007-6716 | linux | Medium | 5.5 | 2008-09-04 | fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which … | |
| CVE-2008-4113 | linux | Medium | 4.7 | 2008-09-16 | The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) impleme… | |
| CVE-2008-4210 | linux | Medium | 4.6 | 2008-09-29 | fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a f… | |
| CVE-2008-3528 | linux | Low | 2.1 | 2008-09-27 | The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux … | |
| CVE-2008-3889 | linux | Low | 2.1 | 2008-09-12 | Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epo… | |
| CVE-2008-3901 | linux | Low | 2.1 | 2008-09-03 | Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIO… |