Linux Kernel Security Vulnerabilities
The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the...
5.4AI Score
0.001EPSS
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown...
5.6AI Score
0.001EPSS
Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user...
5.2AI Score
0.001EPSS
Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service...
5.5AI Score
0.001EPSS
Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown...
5.3AI Score
0.001EPSS
Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of...
5.2AI Score
0.0004EPSS
The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed...
5.3AI Score
0.001EPSS
Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a...
5.4AI Score
0.013EPSS
Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service...
5.4AI Score
0.0004EPSS
Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on...
5.3AI Score
0.001EPSS
The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong...
6.6AI Score
0.0004EPSS
The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running...
9.3AI Score
0.003EPSS
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as...
6.6AI Score
0.0004EPSS
The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the...
6.5AI Score
0.0004EPSS
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall...
6.7AI Score
0.013EPSS
Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response...
7AI Score
0.005EPSS
The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, when running on certain Intel CPUs, allows local users to cause a denial of service (system...
6.5AI Score
0.0004EPSS
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network...
7.1AI Score
0.012EPSS
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the...
6.6AI Score
0.001EPSS
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty...
6.7AI Score
0.0004EPSS
6.3AI Score
0.001EPSS
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route)...
7AI Score
0.015EPSS
IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a...
7.1AI Score
0.005EPSS
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the...
6.9AI Score
0.019EPSS
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel...
6.9AI Score
0.0004EPSS
IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0...
7AI Score
0.009EPSS
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain...
6.9AI Score
0.0004EPSS
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid...
6.5AI Score
0.0004EPSS
Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl...
5.4AI Score
0.0004EPSS
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established...
6.7AI Score
0.003EPSS
A system does not present an appropriate legal message or warning to a user who is accessing...
6.9AI Score
0.003EPSS
The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of...
6.5AI Score
0.0004EPSS
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group...
6.7AI Score
0.004EPSS
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of...
6.9AI Score
0.0004EPSS
7AI Score
0.0005EPSS
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc...
6.7AI Score
0.0004EPSS
Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of...
6.7AI Score
0.006EPSS
7.2AI Score
0.0004EPSS
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source...
7AI Score
0.007EPSS
Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged...
6.7AI Score
0.0004EPSS
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header...
7AI Score
0.002EPSS
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route)...
6.7AI Score
0.0004EPSS
In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the...
7AI Score
0.008EPSS