11 matches found
CVE-2004-0077
CVE-2004-0077 corresponds to a bounds-checking flaw in the Linux kernel mremap implementation (2.2 to 2.6.2). The issue arises when do_munmap return value is not properly checked after exceeding the maximum VMA descriptors, enabling a local attacker to gain root privileges. Connected advisories c...
CVE-2004-0814
CVE-2004-0814 describes race conditions in the Linux terminal layer (kernel 2.4.x and 2.6.x prior to 2.6.9). Root causes include a TIOCSETD ioctl race on a terminal interface accessed by multiple threads and a separate race when switching from console to PPP line discipline, which could allow loc...
CVE-2000-0506
The CVE refers to the Linux kernel capabilities feature prior to 2.2.16. Local users can cause a denial of service or gain privileges by manipulating capabilities to prevent a setuid program from dropping privileges. The provided documents do not include exploit details or a specified fix/patch i...
CVE-2005-0178
CVE-2005-0178 describes a race condition in the setsid() handling of the Linux kernel before 2.6.8.1. Local users could crash the kernel and potentially access portions of kernel memory related to TTY changes, locking, and semaphores. Affected software: Linux kernel versions prior to 2.6.8.1 (per...
CVE-2005-0504
CVE-2005-0504 is a buffer overflow in the MoxaDriverIoctl function of the MOXA serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x prior to 2.6.22. This vulnerability could allow a local unprivileged user to execute arbitrary code via a modified length value. The CVE is referenced in multiple...
CVE-2005-0815
CVE-2005-0815 affects the Linux kernel iso9660 filesystem handler in versions up to 2.6.11 (and earlier). The issue is described as multiple range-checking flaws in the ISO-9660 file system code, which could be triggered by mounting a crafted/corrupted ISO image on CD-ROM. Impact stated in connec...
CVE-2004-0685
The CVE-2004-0685 issue affects Linux kernel 2.4 USB drivers that use copy_to_user on uninitialized structures, enabling local attackers to read memory not cleared from prior usage and potentially leak sensitive information. The description specifies local/partial impacts on confidentiality and i...
CVE-1999-0431
CVE-1999-0431 affects Linux kernels 2.2.3 and earlier, where a flaw in IP fragment handling lets a remote attacker perform an IP fragmentation attack to cause a denial of service. The Red Hat and CVE records consistently describe the issue as a remote DoS via IP fragmentation. Public details in t...
CVE-2005-0749
The CVE-2005-0749 issue affects the Linux kernel prior to 2.6.11.6. The vulnerability arises in load_elf_library where freeing an invalid pointer via a crafted ELF library or executable can trigger a kernel crash (DoS). Affected component: kernel’s ELF loading/free path (load_elf_library). The pu...
CVE-2004-1057
The CVE-2004-1057 issue affects Linux kernel 2.4.19 and earlier, where several drivers do not mark memory with VM_IO, causing incorrect reference counts and potentially a denial of service via kernel panic when accessing freed pages. Connected advisories (RHSA-2006:0140, RHSA-2005:016, CESA-2006:...
CVE-2005-4635
CVE-2005-4635 affects the Linux kernel via nl_fib_input in fib_frontend.c, where lack of validation for header and payload lengths allows remote attackers to trigger a denial of service (invalid memory reference) with malformed fib_lookup netlink messages. Affected lineage is kernels before 2.6.1...