CVE-2006-5619

The CVE-2006-5619 issue is a Linux kernel 2.6.x vulnerability (up to 2.6.18-stable) where the /proc/net/ip6_flowlabel path handling can trigger an infinite loop while searching for flowlabels, allowing local users to cause a denial of service (hang or oops). Affected components are the ip6_fl_get...

CVE-2006-5158

The nlmclntmarkreclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service process crash and deny access to NFS exports via unspecified vectors that trigger a kernel oops null dereference and a deadlock...

security flaw

Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service kernel OOPS via a userspace process that issues a USB Request Block URB to a USB device and terminates before the URB is finished, which leads to a stale pointer reference...

security flaw

Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service kernel OOPS via a userspace process that issues a USB Request Block URB to a USB device and terminates before the URB is finished, which leads to a stale pointer reference...

Mandrake Linux Security Advisory : kernel (MDKSA-2006:086)

A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel : Prior to Linux kernel 2.6.16.5, the kernel does not properly handle uncanonical return addresses on Intel EM64T CPUs which causes the kernel exception handler to run on the user stack with the wrong GS...

CVE-2006-1522

The sysaddkey function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service OOPS via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the...

Code injection

The sysaddkey function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service OOPS via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the...

security flaw

Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service kernel OOPS from null dereference via 1 fput in a 32-bit ioctl on 64-bit x86 systems or 2 sockfdput in the 32-bit routingioctl function on 64-bit systems...

CVE-2003-1288

CVE-2003-1288 concerns multiple race conditions in Linux-VServer 1.22 running on Linux kernel 2.4.23 with SMP. The vulnerability enables local users to trigger a denial of service (kernel oops) via attack vectors affecting the s_info and ip_info data structures and through the forget_original_par...

CVE-2005-3809

The nfattrtotcp function in ipconntrackprototcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service kernel oops via an update message without private protocol information, which triggers a null dereference...

CVE-2005-3809

The nfattrtotcp function in ipconntrackprototcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service kernel oops via an update message without private protocol information, which triggers a null dereference...

CVE-2005-3810

ipconntrackprotoicmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service kernel oops via a message without ICMP ID ICMPID information, which leads to a null dereference...

CVE-2005-3809

The nfattrtotcp function in ipconntrackprototcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service kernel oops via an update message without private protocol information, which triggers a null dereference...

CVE-2005-2709

The sysctl functionality sysctl.c in Linux kernel before 2.6.14.1 allows local users to cause a denial of service kernel oops and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function...

RHEL 4 : Updated kernel packages available for Red Hat Enterprise Linux 4 Update 2 (Important) (RHSA-2005:514)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:514 advisory. The Linux kernel handles the basic functions of the operating system. This is the second regular kernel update to Red Hat Enterprise Linux 4...

CVE-2005-2548

vlandev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service kernel oops from null dereference via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd...

CVE-2005-2548

vlandev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service kernel oops from null dereference via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd...

CVE-2005-1767

CVE-2005-1767 affects Linux kernels 2.4.x and 2.6.x; the vulnerability exists in traps.c stack fault handler, allowing a local user to cause a kernel crash (Denial of Service) via stack exceptions. Public advisories (Debian, Red Hat/CentOS, Ubuntu) indicate updated kernel packages mitigate the is...

CVE-2005-2456

Array index overflow in the xfrmskpolicyinsert function in xfrmuser.c in Linux kernel 2.6 allows local users to cause a denial of service oops or deadlock and possibly execute arbitrary code via a p-dir value that is larger than XFRMPOLICYOUT, which is used as an index in the sock-skpolicy array...

FreeBSD : oops -- format string vulnerability (1033750f-cab4-11d9-9aed-000e0c2e438a)

A RST/GHC Advisory reports that there is an format string vulnerability in oops. The vulnerability can be found in the MySQL/PgSQL authentication module. Succesful exploitation may allow execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...