Lucene search

K
LinuxLinux Kernel2.6.17

130 matches found

CVE
CVE
added 2006/11/22 1:7 a.m.59 views

CVE-2006-6056

Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hooks are enabled, allows local users to cause a denial of service (crash) via a malformed file stream that triggers a NULL pointer dereference in the superblock_doinit function, as demonstrated using an HFS filesystem image.

4.9CVSS7AI score0.00048EPSS
CVE
CVE
added 2006/10/10 4:6 a.m.58 views

CVE-2006-5174

The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that pre...

2.1CVSS7AI score0.00064EPSS
CVE
CVE
added 2009/05/05 8:30 p.m.58 views

CVE-2009-1184

The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass inten...

4.4CVSS4.2AI score0.00059EPSS
CVE
CVE
added 2010/04/12 6:30 p.m.57 views

CVE-2010-0741

The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) b...

7.8CVSS6.4AI score0.0211EPSS
CVE
CVE
added 2006/06/30 9:5 p.m.56 views

CVE-2006-2934

SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to derefer...

5CVSS7.1AI score0.19689EPSS
CVE
CVE
added 2007/05/29 8:30 p.m.56 views

CVE-2007-2451

Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.

5CVSS5.6AI score0.00858EPSS
CVE
CVE
added 2009/06/04 4:30 p.m.56 views

CVE-2009-1914

The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function.

4.9CVSS4.2AI score0.00087EPSS
CVE
CVE
added 2006/04/05 5:4 p.m.55 views

CVE-2006-1055

The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read.

4.9CVSS7.2AI score0.00064EPSS
CVE
CVE
added 2007/07/10 10:30 p.m.54 views

CVE-2007-3107

The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clearing of MSR bits.

2.1CVSS6AI score0.00086EPSS
CVE
CVE
added 2007/12/18 12:46 a.m.54 views

CVE-2007-6417

The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).

7.2CVSS7.1AI score0.00046EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.53 views

CVE-2006-6060

The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a malformed NTFS file stream that triggers an infinite loop in the __find_get_block_slow function.

4.9CVSS7.1AI score0.00047EPSS
CVE
CVE
added 2007/03/10 7:19 p.m.53 views

CVE-2007-1388

The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which trigg...

4.4CVSS5.9AI score0.00203EPSS
CVE
CVE
added 2008/06/18 7:41 p.m.52 views

CVE-2008-2750

The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash) and possibly have unspecified other impact via a crafted PPPOL2TP packet that results in a large va...

7.8CVSS7.8AI score0.12059EPSS
CVE
CVE
added 2009/12/13 1:30 a.m.52 views

CVE-2009-4306

Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel 2.6.32-git6 and earlier allows local users to cause a denial of service (filesystem corruption) via unknown vectors, a different vulnerability than CVE-2009-4131.

4.9CVSS6.3AI score0.0009EPSS
CVE
CVE
added 2008/05/02 4:5 p.m.51 views

CVE-2008-1675

The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.

7.2CVSS5.7AI score0.00068EPSS
CVE
CVE
added 2010/06/03 2:30 p.m.51 views

CVE-2008-7256

mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspe...

1.2CVSS7.7AI score0.00108EPSS
CVE
CVE
added 2006/11/03 11:7 p.m.50 views

CVE-2006-5701

Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem.

4.9CVSS7.1AI score0.00307EPSS
CVE
CVE
added 2008/05/02 4:5 p.m.50 views

CVE-2008-1294

Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits.

2.1CVSS7.2AI score0.00039EPSS
CVE
CVE
added 2012/01/27 3:55 p.m.50 views

CVE-2011-4325

The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain functions without properly initializing certain data, which allows local users to cause a denial of service (NULL pointer dereference and O_DIRECT oops), as demonstrated using diotest4 from LTP.

4.9CVSS5.6AI score0.00204EPSS
CVE
CVE
added 2006/04/10 8:2 p.m.49 views

CVE-2006-1522

The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring...

4.9CVSS7.1AI score0.00072EPSS
CVE
CVE
added 2009/01/13 5:0 p.m.49 views

CVE-2009-0024

The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local users to cause a denial of service or gain privileges via unspecified vectors, related to the vm_file structure member, and the mmap_region and do_munmap functions.

7.2CVSS6.7AI score0.00047EPSS
CVE
CVE
added 2009/02/17 5:30 p.m.49 views

CVE-2009-0605

Stack consumption vulnerability in the do_page_fault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registere...

4.9CVSS6.8AI score0.00053EPSS
CVE
CVE
added 2010/04/20 3:30 p.m.48 views

CVE-2010-1488

The proc_oom_score function in fs/proc/base.c in the Linux kernel before 2.6.34-rc4 uses inappropriate data structures during selection of a candidate for the OOM killer, which might allow local users to cause a denial of service via unspecified patterns of task creation.

2.1CVSS6.2AI score0.00147EPSS
CVE
CVE
added 2006/06/23 10:2 a.m.47 views

CVE-2006-3085

xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length.

7.8CVSS6.1AI score0.0247EPSS
CVE
CVE
added 2007/09/18 7:17 p.m.47 views

CVE-2007-0997

Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified vectors related to a potentially dropped ipipe l...

6.9CVSS6.4AI score0.00036EPSS
CVE
CVE
added 2009/10/30 8:30 p.m.46 views

CVE-2009-3623

The lookup_cb_cred function in fs/nfsd/nfs4callback.c in the nfsd4 subsystem in the Linux kernel before 2.6.31.2 attempts to access a credentials cache even when a client specifies the AUTH_NULL authentication flavor, which allows remote attackers to cause a denial of service (NULL pointer derefere...

7.8CVSS7.3AI score0.01408EPSS
CVE
CVE
added 2009/09/02 5:30 p.m.45 views

CVE-2009-3043

The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonst...

4.9CVSS6.9AI score0.00128EPSS
CVE
CVE
added 2009/11/16 7:30 p.m.45 views

CVE-2009-3888

The do_mmap_pgoff function in mm/nommu.c in the Linux kernel before 2.6.31.6, when the CPU lacks a memory management unit, allows local users to cause a denial of service (OOPS) via an application that attempts to allocate a large amount of memory.

4.9CVSS7AI score0.00122EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.40 views

CVE-2006-6057

The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on Fedora Core 6 and possibly other operating systems, allows local users to cause a denial of service (crash) via a malformed gfs2 file stream that triggers a NULL pointer dereference in the init_journal function.

4.9CVSS6AI score0.00064EPSS
CVE
CVE
added 2006/08/04 11:4 p.m.37 views

CVE-2006-3634

The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4 to 2.6.18-rc2 perform the atomic futex operation in the kernel address space instead of the user address space, which allows local users to cause a denial of service (crash).

4.9CVSS5.2AI score0.00052EPSS
Total number of security vulnerabilities130