52 matches found
CVE-2005-2708
The searchbinaryhandler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service panic, as demonstrated by running a process using the bash ulimi...
CVE-2005-3274
Race condition in ipvsconnflush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service null dereference by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is...
CVE-2004-1144
Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges...
CVE-2004-0685
Certain USB drivers in the Linux 2.4 kernel use the copytouser function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage...
CVE-2004-0565
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit...
CVE-2004-0394
A "potential" buffer overflow exists in the panic function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic...
CVE-2004-0394
A "potential" buffer overflow exists in the panic function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic...
CVE-2004-0177
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw devic...
CVE-2004-0133
The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device...
CVE-2004-0177
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw devic...
CVE-2004-0394
A "potential" buffer overflow exists in the panic function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic...
CVE-2004-0394
CVE-2004-0394 concerns a potential buffer overflow in the panic() function of Linux 2.4.x. The description explicitly indicates a possible overflow, but notes it may not be exploitable due to the function’s behavior. The connected OpenVAS entries reference this CVE among broader kernel advisories...
CVE-2004-0133
The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device...
CVE-2004-0181
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device...
CVE-2004-0177
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw devic...
CVE-2003-0550
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology...
CVE-2003-0462
A race condition in the way envstart and envend pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service crash...
CVE-2003-0551
The CVE-2003-0551 entry concerns the STP protocol in Linux 2.4.x. According to the sources, STP input processing did not properly verify certain lengths, which could allow attackers to cause a denial of service. Public documents reference Red Hat RHSA-2003:239 and Debian DSA advisories (DSA-423-1...
CVE-2003-0462
A race condition in the way envstart and envend pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service crash...
CVE-2003-0550
CVE-2003-0550 concerns the STP support in Linux kernel 2.4.x. The vulnerability stems from the STP protocol implementation failing to provide adequate security, enabling attackers to modify the bridge topology. Public documents in the connected set confirm this issue across multiple advisories (e...