Linux Kernel@2.4.0 Security Vulnerabilities and Issues — Linux Kernel@2.4.0 CVE List

Lucene search

LinuxLinux Kernel2.4.0

6 matches found

CVE•added 2003/03/31 5:0 a.m.•87 views

CVE-2003-0127

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.

7.2CVSS5.9AI score0.00951EPSS

CVE•added 2003/08/27 4:0 a.m.•71 views

CVE-2003-0462

A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).

1.2CVSS5.8AI score0.0016EPSS

CVE•added 2003/05/27 4:0 a.m.•67 views

CVE-2003-0244

The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions.

5CVSS6.1AI score0.06885EPSS

CVE•added 2003/06/16 4:0 a.m.•63 views

CVE-2003-0246

The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.

3.6CVSS6AI score0.00122EPSS

CVE•added 2003/08/07 4:0 a.m.•54 views

CVE-2003-0476

The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.

2.1CVSS5.9AI score0.00111EPSS

CVE•added 2003/08/18 4:0 a.m.•50 views

CVE-2003-0465

The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.

5CVSS6.3AI score0.00473EPSS