Lucene search

K
LinuxLinux Kernel2.6.18

148 matches found

CVE
CVE
added 2011/01/14 11:0 p.m.81 views

CVE-2010-3086

include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not properly implement exception fixup, which allows local users to cause a denial of service (panic) via an invalid application that triggers a page fault.

4.9CVSS5AI score0.00064EPSS
CVE
CVE
added 2010/04/06 10:30 p.m.80 views

CVE-2010-1088

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.

5.4CVSS5.6AI score0.01949EPSS
CVE
CVE
added 2012/06/16 9:55 p.m.80 views

CVE-2012-1583

Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6/xfrm6_tunnel.c in the Linux kernel before 2.6.22, when the xfrm6_tunnel module is enabled, allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets.

5CVSS8.3AI score0.01364EPSS
CVE
CVE
added 2008/02/12 9:0 p.m.79 views

CVE-2008-0600

The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.

7.2CVSS6AI score0.01003EPSS
CVE
CVE
added 2008/11/05 3:0 p.m.79 views

CVE-2008-4933

Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build...

7.8CVSS5.4AI score0.00995EPSS
CVE
CVE
added 2009/01/21 2:30 a.m.79 views

CVE-2009-0031

Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."

4.9CVSS5.7AI score0.00047EPSS
CVE
CVE
added 2010/12/30 7:0 p.m.79 views

CVE-2010-4161

The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (deadlock and system hang) by sending UDP traffic to a socket that has a crafted socket filter, a related issue t...

4.9CVSS6AI score0.00345EPSS
CVE
CVE
added 2008/12/09 12:30 a.m.77 views

CVE-2008-5079

net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.

4.9CVSS7.2AI score0.00986EPSS
CVE
CVE
added 2009/03/12 3:20 p.m.77 views

CVE-2009-0778

The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a router with a REJECT route, does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message, which allows rem...

7.1CVSS6.9AI score0.01648EPSS
CVE
CVE
added 2009/11/25 4:30 p.m.76 views

CVE-2009-4021

The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.

4.9CVSS6.6AI score0.00056EPSS
CVE
CVE
added 2008/10/15 8:7 p.m.75 views

CVE-2008-4554

The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.

4.6CVSS4.4AI score0.00063EPSS
CVE
CVE
added 2008/12/24 6:29 p.m.75 views

CVE-2008-5713

The __qdisc_run function in net/sched/sch_generic.c in the Linux kernel before 2.6.25 on SMP machines allows local users to cause a denial of service (soft lockup) by sending a large amount of network traffic, as demonstrated by multiple simultaneous invocations of the Netperf benchmark application...

4.9CVSS5.7AI score0.00066EPSS
CVE
CVE
added 2009/10/20 5:30 p.m.75 views

CVE-2009-2909

Integer signedness error in the ax25_setsockopt function in net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service (OOPS) via a crafted optlen value in an SO_BINDTODEVICE operation.

4.9CVSS5.5AI score0.00047EPSS
CVE
CVE
added 2009/11/02 3:30 p.m.75 views

CVE-2009-3624

The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to th...

4.6CVSS6.8AI score0.00063EPSS
CVE
CVE
added 2007/07/10 1:30 a.m.74 views

CVE-2007-3642

The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before 2.6.20.15, 2.6.21.x before 2.6.21.6, and before 2.6.22 allows remote attackers to cause a denial of service (crash) via an encoded, out-of-range index value for a choice field, which triggers a NULL poin...

7.8CVSS6.1AI score0.01808EPSS
CVE
CVE
added 2008/06/30 10:41 p.m.74 views

CVE-2008-0598

Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary.

4.9CVSS5.6AI score0.00077EPSS
CVE
CVE
added 2008/10/03 5:41 p.m.74 views

CVE-2008-3833

The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified...

4.9CVSS6AI score0.13378EPSS
CVE
CVE
added 2007/09/26 9:17 p.m.73 views

CVE-2007-5093

The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after th...

4CVSS5AI score0.00083EPSS
CVE
CVE
added 2009/12/02 4:30 p.m.73 views

CVE-2009-4027

Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.

7.1CVSS6.3AI score0.01135EPSS
CVE
CVE
added 2007/09/14 1:17 a.m.72 views

CVE-2007-3740

The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges.

4.4CVSS5.8AI score0.0011EPSS
CVE
CVE
added 2008/10/15 8:7 p.m.72 views

CVE-2008-4576

sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires.

7.8CVSS7.1AI score0.04823EPSS
CVE
CVE
added 2009/08/18 9:0 p.m.72 views

CVE-2009-2849

The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability ...

4.7CVSS6.3AI score0.00081EPSS
CVE
CVE
added 2006/10/31 7:7 p.m.71 views

CVE-2006-5619

The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels.

2.1CVSS7.1AI score0.0011EPSS
CVE
CVE
added 2007/03/22 7:19 p.m.71 views

CVE-2007-1592

net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting t...

4.9CVSS5.7AI score0.0024EPSS
CVE
CVE
added 2007/06/11 11:30 p.m.71 views

CVE-2007-2876

The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.

6.1CVSS7.1AI score0.02946EPSS
CVE
CVE
added 2008/08/18 5:41 p.m.71 views

CVE-2008-3276

Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and ...

7.1CVSS5.3AI score0.04445EPSS
CVE
CVE
added 2008/11/05 3:0 p.m.71 views

CVE-2008-3527

arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, sys...

4.6CVSS5.5AI score0.00065EPSS
CVE
CVE
added 2008/11/17 11:30 p.m.71 views

CVE-2008-5025

Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008...

7.8CVSS5.5AI score0.012EPSS
CVE
CVE
added 2009/11/20 2:30 a.m.71 views

CVE-2009-4005

The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read.

7.2CVSS6.8AI score0.00054EPSS
CVE
CVE
added 2007/05/02 10:19 p.m.70 views

CVE-2007-0771

The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c.

4.9CVSS5.8AI score0.0013EPSS
CVE
CVE
added 2007/05/07 7:19 p.m.70 views

CVE-2007-1861

The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow.

4.9CVSS8.9AI score0.01188EPSS
CVE
CVE
added 2008/01/15 8:0 p.m.69 views

CVE-2008-0001

VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories.

3.6CVSS5.8AI score0.00067EPSS
CVE
CVE
added 2008/03/26 12:44 a.m.69 views

CVE-2008-1514

arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions before 2.6.27-rc6, on s390 platforms allows local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference.

4.9CVSS5AI score0.00115EPSS
CVE
CVE
added 2008/06/10 12:32 a.m.69 views

CVE-2008-2358

Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow.

7.2CVSS6.3AI score0.00066EPSS
CVE
CVE
added 2010/04/06 10:30 p.m.69 views

CVE-2010-1083

The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitiv...

4.7CVSS6.2AI score0.00067EPSS
CVE
CVE
added 2009/10/29 2:30 p.m.68 views

CVE-2009-3640

The update_cr8_intercept function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc1 does not properly handle the absence of an Advanced Programmable Interrupt Controller (APIC), which allows local users to cause a denial of service (NULL pointer dereference and system...

4.9CVSS8.8AI score0.00061EPSS
CVE
CVE
added 2006/12/02 2:28 a.m.67 views

CVE-2006-5751

Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request.

7.2CVSS7.4AI score0.00074EPSS
CVE
CVE
added 2009/08/18 9:0 p.m.67 views

CVE-2009-2846

The eisa_eeprom_read function in the parisc isa-eeprom component (drivers/parisc/eisa_eeprom.c) in the Linux kernel before 2.6.31-rc6 allows local users to access restricted memory via a negative ppos argument, which bypasses a check that assumes that ppos is positive and causes an out-of-bounds re...

7.8CVSS6.3AI score0.00314EPSS
CVE
CVE
added 2006/10/10 4:5 a.m.66 views

CVE-2006-3741

The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file descriptor consumption).

4.9CVSS7AI score0.00045EPSS
CVE
CVE
added 2008/09/11 1:13 a.m.66 views

CVE-2008-3915

Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

9.3CVSS5.3AI score0.05797EPSS
CVE
CVE
added 2008/12/22 3:30 p.m.66 views

CVE-2008-5702

Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.

7.2CVSS4.5AI score0.00061EPSS
CVE
CVE
added 2009/04/22 3:30 p.m.66 views

CVE-2009-1360

The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6.29, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets.

7.1CVSS4.3AI score0.01773EPSS
CVE
CVE
added 2009/10/29 2:30 p.m.66 views

CVE-2009-3638

Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.

7.2CVSS6.9AI score0.00061EPSS
CVE
CVE
added 2009/12/02 4:30 p.m.66 views

CVE-2009-4026

The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch."

7.8CVSS6.5AI score0.01292EPSS
CVE
CVE
added 2010/06/03 2:30 p.m.66 views

CVE-2010-1643

mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown ...

6.9CVSS7.2AI score0.00093EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.65 views

CVE-2006-6058

The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be due to an integer overflow or signedness err...

4CVSS6AI score0.00184EPSS
CVE
CVE
added 2007/02/20 5:28 p.m.65 views

CVE-2007-0772

The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.

7.8CVSS6AI score0.02668EPSS
CVE
CVE
added 2006/11/06 8:7 p.m.64 views

CVE-2006-5757

Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures.

1.2CVSS7.1AI score0.00598EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.64 views

CVE-2006-6053

The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures.

4.9CVSS6.9AI score0.00061EPSS
CVE
CVE
added 2007/02/15 6:28 p.m.64 views

CVE-2007-0958

Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump, a variant of CVE-2004-1073.

2.1CVSS7AI score0.00198EPSS
Total number of security vulnerabilities148