Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
LinuxLinux Kernel2.4.21

70 matches found

CVE
CVEadded 2006/05/09 8:0 p.m.54 views

CVE-2005-4798

Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client.

5CVSS7.3AI score0.00892EPSS
CVE
CVEadded 2006/02/27 11:0 p.m.53 views

CVE-2003-0986

Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.

1.7CVSS6.2AI score0.00055EPSS
CVE
CVEadded 2004/11/23 5:0 a.m.53 views

CVE-2004-0415

Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.

2.1CVSS5.8AI score0.00299EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.53 views

CVE-2004-1071

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.

7.2CVSS7.4AI score0.00052EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.52 views

CVE-2004-0075

The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service.

2.1CVSS5.9AI score0.00074EPSS
CVE
CVEadded 2005/04/05 4:0 a.m.51 views

CVE-2005-0749

The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer.

7.2CVSS5AI score0.00043EPSS
CVE
CVEadded 2009/10/19 8:0 p.m.51 views

CVE-2005-4881

The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the (1) tc_fill_qdisc, (2) tcf_f...

4.9CVSS6.5AI score0.00073EPSS
CVE
CVEadded 2004/08/18 4:0 a.m.50 views

CVE-2004-0229

The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact.

4.6CVSS6.2AI score0.00081EPSS
CVE
CVEadded 2007/10/09 10:0 a.m.50 views

CVE-2004-2731

Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative bu...

4.4CVSS7.3AI score0.00127EPSS
CVE
CVEadded 2006/01/06 11:3 a.m.50 views

CVE-2006-0096

wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to exploit, since it is prote...

7.2CVSS5.1AI score0.00053EPSS
CVE
CVEadded 2006/03/15 5:6 p.m.50 views

CVE-2006-1242

The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks...

5CVSS7.3AI score0.0304EPSS
CVE
CVEadded 2004/08/06 4:0 a.m.49 views

CVE-2004-0658

Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_...

7.2CVSS7.9AI score0.00067EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.47 views

CVE-2004-0812

Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code.

2.1CVSS7AI score0.00072EPSS
CVE
CVEadded 2005/05/11 4:0 a.m.47 views

CVE-2005-1263

The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pa...

7.2CVSS5.8AI score0.00058EPSS
CVE
CVEadded 2005/03/07 5:0 a.m.45 views

CVE-2005-0179

Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call.

2.1CVSS5.2AI score0.00067EPSS
CVE
CVEadded 2005/10/25 6:2 p.m.45 views

CVE-2005-2708

The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a process using the bash uli...

2.1CVSS6.2AI score0.00097EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.42 views

CVE-2005-0207

Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

2.1CVSS6.2AI score0.00078EPSS
CVE
CVEadded 2006/01/09 11:0 a.m.42 views

CVE-2005-4635

The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages.

5CVSS6.6AI score0.01476EPSS
CVE
CVEadded 2005/06/01 4:0 a.m.40 views

CVE-2004-2135

cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.

2.1CVSS6.9AI score0.00456EPSS
CVE
CVEadded 2003/08/27 4:0 a.m.39 views

CVE-2003-0467

Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, poss...

5CVSS6.8AI score0.00655EPSS
Total number of security vulnerabilities70