Lucene search

K
LinuxLinux Kernel2.6.11

48 matches found

CVE
CVE
added 2005/04/03 5:0 a.m.95 views

CVE-2005-0750

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

7.2CVSS5.3AI score0.002EPSS
CVE
CVE
added 2005/03/13 5:0 a.m.72 views

CVE-2005-0736

Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.

2.1CVSS6AI score0.00049EPSS
CVE
CVE
added 2005/08/23 4:0 a.m.70 views

CVE-2005-2458

inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".

5CVSS5.5AI score0.12945EPSS
CVE
CVE
added 2005/12/22 11:3 p.m.70 views

CVE-2005-3660

Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process ...

4.9CVSS8.9AI score0.00055EPSS
CVE
CVE
added 2005/09/14 7:3 p.m.69 views

CVE-2005-2490

Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.

4.6CVSS5.9AI score0.00136EPSS
CVE
CVE
added 2005/10/21 1:2 a.m.67 views

CVE-2005-3273

The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipea...

5CVSS5.1AI score0.0337EPSS
CVE
CVE
added 2005/08/23 4:0 a.m.66 views

CVE-2005-2459

The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE...

5CVSS5.9AI score0.12945EPSS
CVE
CVE
added 2005/08/16 4:0 a.m.66 views

CVE-2005-2555

Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.

4.6CVSS5.3AI score0.00093EPSS
CVE
CVE
added 2005/10/21 1:2 a.m.66 views

CVE-2005-3272

Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.

5CVSS5.7AI score0.01652EPSS
CVE
CVE
added 2005/10/21 1:2 a.m.66 views

CVE-2005-3276

The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.

2.1CVSS5.6AI score0.0011EPSS
CVE
CVE
added 2005/11/23 9:3 p.m.66 views

CVE-2005-3783

The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14.2, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, which allows local users to cause a denial of service (crash).

4.9CVSS5AI score0.00064EPSS
CVE
CVE
added 2005/09/26 7:3 p.m.65 views

CVE-2005-3055

Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference.

2.1CVSS4.9AI score0.0009EPSS
CVE
CVE
added 2005/10/21 1:2 a.m.65 views

CVE-2005-3275

The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be ...

2.6CVSS5.8AI score0.0897EPSS
CVE
CVE
added 2005/11/23 9:3 p.m.64 views

CVE-2005-3784

The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges.

4.9CVSS4.7AI score0.00062EPSS
CVE
CVE
added 2005/11/20 10:3 p.m.63 views

CVE-2005-2709

The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function po...

4.6CVSS4.8AI score0.00219EPSS
CVE
CVE
added 2005/11/27 9:3 p.m.62 views

CVE-2005-3857

The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function.

4.9CVSS4.5AI score0.00295EPSS
CVE
CVE
added 2005/03/07 5:0 a.m.61 views

CVE-2005-0178

Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores.

6.2CVSS5.2AI score0.00048EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.61 views

CVE-2005-0815

Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem.

6.4CVSS5.2AI score0.09342EPSS
CVE
CVE
added 2005/09/14 7:3 p.m.61 views

CVE-2005-2492

The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.

3.6CVSS5.6AI score0.00071EPSS
CVE
CVE
added 2005/09/06 5:3 p.m.61 views

CVE-2005-2800

Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterat...

2.1CVSS4.9AI score0.00159EPSS
CVE
CVE
added 2005/11/25 9:3 p.m.61 views

CVE-2005-3806

The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.

6.6CVSS4.8AI score0.00165EPSS
CVE
CVE
added 2005/09/09 7:7 p.m.60 views

CVE-2005-2872

The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads to memset calls using a length based on the u_int3...

5CVSS7.1AI score0.05642EPSS
CVE
CVE
added 2005/10/27 6:2 p.m.60 views

CVE-2005-2973

The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).

2.1CVSS4.7AI score0.0029EPSS
CVE
CVE
added 2005/09/22 9:3 p.m.60 views

CVE-2005-3044

Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on 64-bit systems.

2.1CVSS5.2AI score0.0012EPSS
CVE
CVE
added 2005/08/23 4:0 a.m.57 views

CVE-2005-2457

The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system.

5CVSS5.2AI score0.04853EPSS
CVE
CVE
added 2005/09/14 7:3 p.m.56 views

CVE-2005-1913

The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist.

2.1CVSS7AI score0.00063EPSS
CVE
CVE
added 2005/12/14 7:3 p.m.56 views

CVE-2005-3358

Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.

4.9CVSS4.4AI score0.00185EPSS
CVE
CVE
added 2005/11/25 9:3 p.m.56 views

CVE-2005-3807

Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already be...

4.9CVSS6AI score0.00147EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.55 views

CVE-2005-0532

The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies between size_t and int data types.

2.1CVSS5.5AI score0.00067EPSS
CVE
CVE
added 2005/11/27 12:3 a.m.54 views

CVE-2005-3848

Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply."

7.8CVSS4.7AI score0.067EPSS
CVE
CVE
added 2005/10/12 1:3 p.m.53 views

CVE-2005-3179

drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.

2.1CVSS4.4AI score0.00055EPSS
CVE
CVE
added 2005/11/27 10:3 p.m.53 views

CVE-2005-3858

Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might allow attackers to cause a denial of service via malformed IPv6 packets with unspecified parameter problems, which prevents the SKB from being freed.

7.8CVSS4.6AI score0.0168EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.52 views

CVE-2005-0531

The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.

2.1CVSS5.4AI score0.0013EPSS
CVE
CVE
added 2005/09/09 7:7 p.m.52 views

CVE-2005-2873

The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent netfilter rules to block too early, a different vulnerability than CVE-2005-2872.

2.1CVSS5.6AI score0.05642EPSS
CVE
CVE
added 2005/04/05 4:0 a.m.51 views

CVE-2005-0749

The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer.

7.2CVSS5AI score0.00043EPSS
CVE
CVE
added 2005/08/23 4:0 a.m.51 views

CVE-2005-2099

The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null derefe...

5CVSS6AI score0.0383EPSS
CVE
CVE
added 2005/08/23 4:0 a.m.50 views

CVE-2005-2098

The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empt...

5CVSS6AI score0.03007EPSS
CVE
CVE
added 2005/11/25 9:3 p.m.49 views

CVE-2005-3808

Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system.

4.9CVSS6.1AI score0.00201EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.48 views

CVE-2005-1369

The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associ...

2.1CVSS5.3AI score0.00049EPSS
CVE
CVE
added 2005/03/30 5:0 a.m.47 views

CVE-2005-0937

Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions.

1.2CVSS5.2AI score0.00063EPSS
CVE
CVE
added 2005/05/11 4:0 a.m.47 views

CVE-2005-1263

The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pa...

7.2CVSS5.8AI score0.00058EPSS
CVE
CVE
added 2005/10/07 6:2 p.m.47 views

CVE-2005-1764

Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service.

2.1CVSS6.1AI score0.00063EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.46 views

CVE-2005-0916

AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes exit_aio and is_hugepage_...

2.1CVSS5.1AI score0.00146EPSS
CVE
CVE
added 2005/03/07 5:0 a.m.45 views

CVE-2005-0179

Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call.

2.1CVSS5.2AI score0.00067EPSS
CVE
CVE
added 2005/03/07 5:0 a.m.45 views

CVE-2005-0180

Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions.

3.6CVSS7.3AI score0.00086EPSS
CVE
CVE
added 2005/11/25 9:3 p.m.45 views

CVE-2005-3805

A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service (deadlock) involving process CPU timers.

4.9CVSS5.8AI score0.00047EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.44 views

CVE-2005-1368

The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP.

1.2CVSS5.2AI score0.00073EPSS
CVE
CVE
added 2005/06/01 4:0 a.m.40 views

CVE-2004-2135

cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.

2.1CVSS6.9AI score0.00456EPSS