Lucene search

K
LinuxLinux Kernel2.6.11.11

176 matches found

CVE
CVE
added 2005/11/27 9:3 p.m.62 views

CVE-2005-3857

The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function.

4.9CVSS4.5AI score0.00295EPSS
CVE
CVE
added 2006/03/09 1:6 p.m.62 views

CVE-2006-0742

The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 2.6.15.6, possibly when compiled with certain versions of gcc, has the "noreturn" attribute set, which allows local users to cause a denial of service by causing user faults on Itanium systems.

4.6CVSS6.9AI score0.00058EPSS
CVE
CVE
added 2006/05/22 4:6 p.m.62 views

CVE-2006-1857

Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk.

9CVSS7.8AI score0.04596EPSS
CVE
CVE
added 2006/08/21 7:4 p.m.62 views

CVE-2006-4145

The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command.

4.9CVSS6.8AI score0.00122EPSS
CVE
CVE
added 2007/03/02 9:18 p.m.62 views

CVE-2007-1217

Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet.

6.9CVSS6.1AI score0.0011EPSS
CVE
CVE
added 2008/05/29 4:32 p.m.62 views

CVE-2008-2137

The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, w...

4.4CVSS5.8AI score0.00088EPSS
CVE
CVE
added 2010/03/19 7:30 p.m.62 views

CVE-2009-4271

The Linux kernel 2.6.9 through 2.6.17 on the x86_64 and amd64 platforms allows local users to cause a denial of service (panic) via a 32-bit application that calls mprotect on its Virtual Dynamic Shared Object (VDSO) page and then triggers a segmentation fault.

4.7CVSS5.8AI score0.00047EPSS
CVE
CVE
added 2005/09/14 7:3 p.m.61 views

CVE-2005-2492

The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.

3.6CVSS5.6AI score0.00071EPSS
CVE
CVE
added 2005/11/25 9:3 p.m.61 views

CVE-2005-3806

The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.

6.6CVSS4.8AI score0.00165EPSS
CVE
CVE
added 2006/03/07 2:2 a.m.61 views

CVE-2006-0741

Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address."

1.2CVSS5.6AI score0.00091EPSS
CVE
CVE
added 2006/07/10 7:5 p.m.61 views

CVE-2006-2936

The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued.

7.8CVSS7AI score0.10179EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.61 views

CVE-2006-6054

The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum.

4CVSS7AI score0.00061EPSS
CVE
CVE
added 2009/08/14 3:16 p.m.61 views

CVE-2009-2767

The init_posix_timers function in kernel/posix-timers.c in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW clock_nanosleep call that triggers a NULL pointer dereference.

7.2CVSS7.3AI score0.00132EPSS
CVE
CVE
added 2005/10/27 6:2 p.m.60 views

CVE-2005-2973

The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).

2.1CVSS4.7AI score0.0029EPSS
CVE
CVE
added 2006/09/22 9:0 p.m.60 views

CVE-2005-4811

The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function.

4.9CVSS7.1AI score0.00047EPSS
CVE
CVE
added 2006/06/23 10:2 a.m.60 views

CVE-2006-2448

Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and possibly read kernel memory on 32-bit systems (si...

5.6CVSS7.2AI score0.00064EPSS
CVE
CVE
added 2008/01/29 8:0 p.m.60 views

CVE-2007-6694

The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference.

7.8CVSS5.6AI score0.01442EPSS
CVE
CVE
added 2008/06/30 9:41 p.m.60 views

CVE-2008-2365

Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between ut...

4.7CVSS4.9AI score0.01283EPSS
CVE
CVE
added 2009/02/10 10:0 p.m.60 views

CVE-2008-6107

The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the (3) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel before 2.6.25.4, omit some virtual-address range (aka span) checks ...

4.9CVSS6AI score0.00088EPSS
CVE
CVE
added 2010/06/01 8:30 p.m.60 views

CVE-2010-1641

The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.

4.6CVSS5.3AI score0.00069EPSS
CVE
CVE
added 2012/10/03 11:2 a.m.60 views

CVE-2012-3510

Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command.

5.6CVSS6.8AI score0.0009EPSS
CVE
CVE
added 2006/01/05 11:0 a.m.59 views

CVE-2005-4618

Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the...

3.6CVSS5.4AI score0.00139EPSS
CVE
CVE
added 2006/04/14 9:2 p.m.59 views

CVE-2006-0558

perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function.

4.9CVSS5.7AI score0.00048EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.59 views

CVE-2006-6056

Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hooks are enabled, allows local users to cause a denial of service (crash) via a malformed file stream that triggers a NULL pointer dereference in the superblock_doinit function, as demonstrated using an HFS filesystem image.

4.9CVSS7AI score0.00048EPSS
CVE
CVE
added 2006/04/18 10:2 a.m.58 views

CVE-2006-0744

Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.

4.9CVSS7.1AI score0.00106EPSS
CVE
CVE
added 2006/10/10 4:6 a.m.58 views

CVE-2006-5174

The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that pre...

2.1CVSS7AI score0.00064EPSS
CVE
CVE
added 2009/05/05 8:30 p.m.58 views

CVE-2009-1184

The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass inten...

4.4CVSS4.2AI score0.00059EPSS
CVE
CVE
added 2006/01/31 7:3 p.m.57 views

CVE-2006-0482

Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call.

2.1CVSS5.1AI score0.00066EPSS
CVE
CVE
added 2010/04/12 6:30 p.m.57 views

CVE-2010-0741

The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) b...

7.8CVSS6.4AI score0.0211EPSS
CVE
CVE
added 2005/09/14 7:3 p.m.56 views

CVE-2005-1913

The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist.

2.1CVSS7AI score0.00063EPSS
CVE
CVE
added 2005/12/14 7:3 p.m.56 views

CVE-2005-3358

Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.

4.9CVSS4.4AI score0.00185EPSS
CVE
CVE
added 2005/11/25 9:3 p.m.56 views

CVE-2005-3807

Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already be...

4.9CVSS6AI score0.00147EPSS
CVE
CVE
added 2006/01/06 11:3 a.m.56 views

CVE-2006-0095

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.

2.1CVSS4.8AI score0.00132EPSS
CVE
CVE
added 2006/03/12 9:2 p.m.56 views

CVE-2006-0557

sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors.

4.9CVSS6.1AI score0.00079EPSS
CVE
CVE
added 2006/05/18 7:6 p.m.56 views

CVE-2006-1855

choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process.

2.1CVSS6.9AI score0.00066EPSS
CVE
CVE
added 2006/04/27 5:6 p.m.56 views

CVE-2006-2071

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs.

2.1CVSS7.2AI score0.00107EPSS
CVE
CVE
added 2007/05/29 8:30 p.m.56 views

CVE-2007-2451

Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.

5CVSS5.6AI score0.00858EPSS
CVE
CVE
added 2009/06/04 4:30 p.m.56 views

CVE-2009-1914

The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function.

4.9CVSS4.2AI score0.00087EPSS
CVE
CVE
added 2006/03/22 8:6 p.m.55 views

CVE-2006-0038

Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.

6.9CVSS7.5AI score0.00091EPSS
CVE
CVE
added 2006/06/27 11:5 p.m.55 views

CVE-2006-0456

The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors.

2.1CVSS6.9AI score0.00066EPSS
CVE
CVE
added 2006/05/22 4:6 p.m.55 views

CVE-2006-1858

SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.

7.8CVSS7.6AI score0.1139EPSS
CVE
CVE
added 2006/06/23 10:2 a.m.55 views

CVE-2006-2445

Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting.

4CVSS5.8AI score0.00064EPSS
CVE
CVE
added 2006/03/02 1:0 a.m.54 views

CVE-2005-3359

The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules.

4.9CVSS5.8AI score0.00045EPSS
CVE
CVE
added 2005/11/27 12:3 a.m.54 views

CVE-2005-3848

Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply."

7.8CVSS4.7AI score0.067EPSS
CVE
CVE
added 2007/07/10 10:30 p.m.54 views

CVE-2007-3107

The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clearing of MSR bits.

2.1CVSS6AI score0.00086EPSS
CVE
CVE
added 2005/10/12 1:3 p.m.53 views

CVE-2005-3179

drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.

2.1CVSS4.4AI score0.00055EPSS
CVE
CVE
added 2005/11/27 10:3 p.m.53 views

CVE-2005-3858

Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might allow attackers to cause a denial of service via malformed IPv6 packets with unspecified parameter problems, which prevents the SKB from being freed.

7.8CVSS4.6AI score0.0168EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.53 views

CVE-2006-6060

The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a malformed NTFS file stream that triggers an infinite loop in the __find_get_block_slow function.

4.9CVSS7.1AI score0.00047EPSS
CVE
CVE
added 2007/03/10 7:19 p.m.53 views

CVE-2007-1388

The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which trigg...

4.4CVSS5.9AI score0.00203EPSS
CVE
CVE
added 2008/06/18 7:41 p.m.52 views

CVE-2008-2750

The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash) and possibly have unspecified other impact via a crafted PPPOL2TP packet that results in a large va...

7.8CVSS7.8AI score0.12059EPSS
Total number of security vulnerabilities176