Filtered by vendor Linux
Subscribe
Search
Total
5234 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6053 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.9 MEDIUM | N/A |
| The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures. | |||||
| CVE-2006-5871 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.1 MEDIUM | N/A |
| smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings. | |||||
| CVE-2006-5757 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 1.2 LOW | N/A |
| Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures. | |||||
| CVE-2006-5755 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.9 MEDIUM | N/A |
| Linux kernel before 2.6.18, when running on x86_64 systems, does not properly save or restore EFLAGS during a context switch, which allows local users to cause a denial of service (crash) by causing SYSENTER to set an NT flag, which can trigger a crash on the IRET of the next task. | |||||
| CVE-2006-5754 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.9 MEDIUM | N/A |
| The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation. | |||||
| CVE-2006-5753 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop | 2017-10-11 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors. | |||||
| CVE-2006-5158 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 3.3 LOW | N/A |
| The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock. | |||||
| CVE-2006-4814 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.6 MEDIUM | N/A |
| The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock. | |||||
| CVE-2006-4535 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.9 MEDIUM | N/A |
| The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are also affected, due to backporting of the CVE-2006-3745 patch. | |||||
| CVE-2005-2873 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 2.1 LOW | N/A |
| The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent netfilter rules to block too early, a different vulnerability than CVE-2005-2872. | |||||
| CVE-2005-1768 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 3.7 LOW | N/A |
| Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow. | |||||
| CVE-2005-0815 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 6.4 MEDIUM | N/A |
| Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem. | |||||
| CVE-2005-0750 | 5 Conectiva, Linux, Redhat and 2 more | 8 Linux, Linux Kernel, Enterprise Linux and 5 more | 2017-10-11 | 7.2 HIGH | N/A |
| The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. | |||||
| CVE-2006-2446 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 5.4 MEDIUM | N/A |
| Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests from the LTP test suite. | |||||
| CVE-2006-1855 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 2.1 LOW | N/A |
| choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process. | |||||
| CVE-2006-1863 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 2.1 LOW | N/A |
| Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864. | |||||
| CVE-2006-1862 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.9 MEDIUM | N/A |
| The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of service (panic) by running lsof a large number of times in a way that produces a heavy system load. | |||||
| CVE-2006-1858 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 7.8 HIGH | N/A |
| SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters. | |||||
| CVE-2006-1856 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 7.5 HIGH | N/A |
| Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions. | |||||
| CVE-2006-1857 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 9.0 HIGH | N/A |
| Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk. | |||||
| CVE-2006-1527 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 5.0 MEDIUM | N/A |
| The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function. | |||||
| CVE-2006-1522 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.9 MEDIUM | N/A |
| The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function. | |||||
| CVE-2006-0558 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.9 MEDIUM | N/A |
| perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function. | |||||
| CVE-2006-0456 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 2.1 LOW | N/A |
| The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2005-4881 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.9 MEDIUM | N/A |
| The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the (1) tc_fill_qdisc, (2) tcf_fill_node, (3) neightbl_fill_info, (4) neightbl_fill_param_info, (5) neigh_fill_info, (6) rtnetlink_fill_ifinfo, (7) rtnetlink_fill_iwinfo, (8) vif_delete, (9) ipmr_destroy_unres, (10) ipmr_cache_alloc_unres, (11) ipmr_cache_resolve, (12) inet6_fill_ifinfo, (13) tca_get_fill, (14) tca_action_flush, (15) tcf_add_notify, (16) tc_dump_action, (17) cbq_dump_police, (18) __nlmsg_put, (19) __rta_fill, (20) __rta_reserve, (21) inet6_fill_prefix, (22) rsvp_dump, and (23) cbq_dump_ovl functions. | |||||
| CVE-2005-4811 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.9 MEDIUM | N/A |
| The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function. | |||||
| CVE-2005-4798 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 5.0 MEDIUM | N/A |
| Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client. | |||||
| CVE-2006-0039 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.7 MEDIUM | N/A |
| Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE. | |||||
| CVE-2006-0038 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 6.9 MEDIUM | N/A |
| Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. | |||||
| CVE-2005-3623 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 5.0 MEDIUM | N/A |
| nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems. | |||||
| CVE-2005-3119 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 2.1 LOW | N/A |
| Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys. | |||||
| CVE-2005-3108 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 2.1 LOW | N/A |
| mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist. | |||||
| CVE-2003-0462 | 2 Linux, Mandrakesoft | 4 Linux Kernel, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2017-10-11 | 1.2 LOW | N/A |
| A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). | |||||
| CVE-2003-0619 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 5.0 MEDIUM | N/A |
| Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. | |||||
| CVE-2004-1074 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2017-10-11 | 2.1 LOW | N/A |
| The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. | |||||
| CVE-2004-1073 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2017-10-11 | 2.1 LOW | N/A |
| The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality. | |||||
| CVE-2003-0465 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 5.0 MEDIUM | N/A |
| The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks. | |||||
| CVE-2004-0535 | 6 Conectiva, Engardelinux, Gentoo and 3 more | 17 Linux, Secure Community, Secure Linux and 14 more | 2017-10-11 | 2.1 LOW | N/A |
| The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. | |||||
| CVE-2003-0187 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 5.0 MEDIUM | N/A |
| The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts. | |||||
| CVE-2003-0246 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 3.6 LOW | N/A |
| The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports. | |||||
| CVE-2004-1057 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2017-10-11 | 7.2 HIGH | N/A |
| Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages. | |||||
| CVE-2003-0244 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 5.0 MEDIUM | N/A |
| The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions. | |||||
| CVE-2004-1056 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2017-10-11 | 6.4 MEDIUM | N/A |
| Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. | |||||
| CVE-2005-0504 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.6 MEDIUM | N/A |
| Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value. | |||||
| CVE-2005-0210 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 4.9 MEDIUM | N/A |
| Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice. | |||||
| CVE-2005-0209 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 7.8 HIGH | N/A |
| Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments. | |||||
| CVE-2005-0207 | 4 Conectiva, Linux, Redhat and 1 more | 5 Linux, Linux Kernel, Enterprise Linux and 2 more | 2017-10-11 | 2.1 LOW | N/A |
| Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT. | |||||
| CVE-2005-0204 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 2.1 LOW | N/A |
| Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T architectures, allows local users to write to privileged IO ports via the OUTS instruction. | |||||
| CVE-2005-0137 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 2.1 LOW | N/A |
| Linux kernel 2.6 on Itanium (ia64) architectures allows local users to cause a denial of service via a "missing Itanium syscall table entry." | |||||
| CVE-2004-0447 | 1 Linux | 1 Linux Kernel | 2017-10-11 | 7.2 HIGH | N/A |
| Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS. | |||||