Lucene search

K

13 matches found

CVE
CVE
added 2006/03/27 12:2 a.m.66 views

CVE-2006-1066

Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call.

1.2CVSS5.2AI score0.0006EPSS
CVE
CVE
added 2006/03/09 1:6 p.m.62 views

CVE-2006-0742

The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 2.6.15.6, possibly when compiled with certain versions of gcc, has the "noreturn" attribute set, which allows local users to cause a denial of service by causing user faults on Itanium systems.

4.6CVSS6.9AI score0.00058EPSS
CVE
CVE
added 2006/03/07 2:2 a.m.61 views

CVE-2006-0741

Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address."

1.2CVSS5.6AI score0.00091EPSS
CVE
CVE
added 2006/03/21 6:2 p.m.59 views

CVE-2006-1343

net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portio...

2.1CVSS7AI score0.00102EPSS
CVE
CVE
added 2006/03/23 11:6 p.m.58 views

CVE-2006-1368

Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply ...

10CVSS6.3AI score0.03102EPSS
CVE
CVE
added 2006/03/12 9:2 p.m.56 views

CVE-2006-0557

sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors.

4.9CVSS6.1AI score0.00079EPSS
CVE
CVE
added 2006/03/22 8:6 p.m.55 views

CVE-2006-0038

Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.

6.9CVSS7.5AI score0.00091EPSS
CVE
CVE
added 2006/03/02 1:0 a.m.54 views

CVE-2005-3359

The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules.

4.9CVSS5.8AI score0.00045EPSS
CVE
CVE
added 2006/03/21 6:2 p.m.51 views

CVE-2006-1342

net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory.

2.1CVSS5.5AI score0.00186EPSS
CVE
CVE
added 2006/03/14 2:2 a.m.50 views

CVE-2006-0457

Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it ...

7.1CVSS7.1AI score0.015EPSS
CVE
CVE
added 2006/03/15 5:6 p.m.50 views

CVE-2006-1242

The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks...

5CVSS7.3AI score0.0304EPSS
CVE
CVE
added 2006/03/07 2:2 a.m.49 views

CVE-2006-0555

The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O).

2.1CVSS5.8AI score0.00097EPSS
CVE
CVE
added 2006/03/07 2:2 a.m.46 views

CVE-2006-0554

Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data.

1.7CVSS5.2AI score0.00114EPSS