Linux Kernel CVE Statistics
36 Linux Kernel CVEs in May 2012
Full month · Source: NIST NVD
In May 2012, 36 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 1 was rated Critical, 10 were rated High severity and 25 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. May's 36 CVEs represent 32% of all 2012 Linux kernel CVEs .
36
Total CVEs
1
Critical
10
High
25
Medium
0
Low
0
KEV Exploited
All CVEs — May 2012
36 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2011-3188 | linux | Critical | 9.1 | 2012-05-24 | The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate seque… | |
| CVE-2011-3191 | linux | High | 8.8 | 2012-05-24 | Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote… | |
| CVE-2012-1097 | linux | High | 7.8 | 2012-05-17 | The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get an… | |
| CVE-2012-0044 | linux | High | 7.8 | 2012-05-17 | Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (… | |
| CVE-2011-3359 | linux | High | 7.5 | 2012-05-24 | The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate rece… | |
| CVE-2011-2699 | linux | High | 7.5 | 2012-05-24 | The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for … | |
| CVE-2012-0207 | linux | High | 7.5 | 2012-05-17 | The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a de… | |
| CVE-2011-2517 | linux | High | 7.2 | 2012-05-24 | Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privi… | |
| CVE-2012-2319 | linux | High | 7.2 | 2012-05-17 | Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users t… | |
| CVE-2012-2123 | linux | High | 7.2 | 2012-05-17 | The cap_bprm_set_creds function in security/commoncap.c in the Linux kernel before 3.3.3 does not properly handle the u… | |
| CVE-2011-4326 | linux | High | 7.1 | 2012-05-17 | The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Of… | |
| CVE-2011-3363 | linux | Medium | 6.5 | 2012-05-24 | The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referral… | |
| CVE-2011-2707 | linux | Medium | 6.0 | 2012-05-24 | The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space… | |
| CVE-2011-4081 | linux | Medium | 5.5 | 2012-05-24 | crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer der… | |
| CVE-2011-2906 | linux | Medium | 5.5 | 2012-05-24 | Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before… |