Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
LinuxLinux Kernel2.6.21

15 matches found

CVE
CVEadded 2007/06/11 11:30 p.m.88 views

CVE-2007-2453

The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on s...

1.2CVSS5.8AI score0.00108EPSS
CVE
CVEadded 2007/04/22 7:19 p.m.77 views

CVE-2007-2172

A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.

4.7CVSS5.4AI score0.00068EPSS
CVE
CVEadded 2007/03/22 7:19 p.m.76 views

CVE-2007-1592

net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting t...

4.9CVSS5.7AI score0.0024EPSS
CVE
CVEadded 2007/07/10 1:30 a.m.76 views

CVE-2007-3642

The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before 2.6.20.15, 2.6.21.x before 2.6.21.6, and before 2.6.22 allows remote attackers to cause a denial of service (crash) via an encoded, out-of-range index value for a choice field, which triggers a NULL poin...

7.8CVSS6.1AI score0.02057EPSS
CVE
CVEadded 2007/09/26 9:17 p.m.76 views

CVE-2007-5093

The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after th...

4CVSS5AI score0.00083EPSS
CVE
CVEadded 2007/06/11 11:30 p.m.75 views

CVE-2007-2876

The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.

6.1CVSS7.1AI score0.02946EPSS
CVE
CVEadded 2007/09/17 5:17 p.m.70 views

CVE-2007-3731

The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and PTRACE_SIN...

4.9CVSS6AI score0.00038EPSS
CVE
CVEadded 2007/06/11 10:30 p.m.68 views

CVE-2007-2875

Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.

2.1CVSS5.5AI score0.00094EPSS
Web
CVE
CVEadded 2007/05/08 11:19 p.m.66 views

CVE-2007-2525

Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.

4.9CVSS6.9AI score0.00088EPSS
CVE
CVEadded 2007/05/03 5:19 p.m.64 views

CVE-2007-2480

The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applicati...

4.6CVSS6.3AI score0.00137EPSS
CVE
CVEadded 2007/10/23 10:46 a.m.60 views

CVE-2007-3850

The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space.

1.9CVSS5.5AI score0.00056EPSS
CVE
CVEadded 2007/05/29 8:30 p.m.57 views

CVE-2007-2451

Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.

5CVSS5.6AI score0.00858EPSS
CVE
CVEadded 2007/07/10 10:30 p.m.57 views

CVE-2007-3107

The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clearing of MSR bits.

2.1CVSS6AI score0.00086EPSS
CVE
CVEadded 2007/12/18 12:46 a.m.57 views

CVE-2007-6417

The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).

7.2CVSS7.1AI score0.00046EPSS
CVE
CVEadded 2007/11/15 8:46 p.m.49 views

CVE-2007-5501

The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference.

7.8CVSS6AI score0.06635EPSS