Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

18 matches found

CVE•added 2006/05/19 10:2 p.m.•77 views

CVE-2006-0039

Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-...

4.7CVSS7.1AI score0.00065EPSS

CVE•added 2006/05/26 10:0 p.m.•75 views

CVE-2004-2660

Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service (memory consumption) via certain O_DIRECT (direct IO) write requests.

4.9CVSS6.9AI score0.00047EPSS

CVE•added 2006/05/05 12:46 p.m.•73 views

CVE-2006-1052

The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.

2.1CVSS7.2AI score0.00049EPSS

CVE•added 2006/05/03 10:2 p.m.•71 views

CVE-2006-1527

The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function.

5CVSS7.1AI score0.09301EPSS

CVE•added 2006/05/25 10:2 a.m.•68 views

CVE-2006-2444

The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed ...

7.8CVSS7.2AI score0.69801EPSS

CVE•added 2006/05/19 11:2 p.m.•66 views

CVE-2006-1856

Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions.

7.5CVSS7.2AI score0.0231EPSS

CVE•added 2006/05/31 10:0 a.m.•63 views

CVE-2004-0138

The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped.

4.9CVSS5.6AI score0.00058EPSS

CVE•added 2006/05/18 7:6 p.m.•63 views

CVE-2006-1528

Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.

4.9CVSS6.9AI score0.00089EPSS

CVE•added 2006/05/31 10:0 a.m.•62 views

CVE-2005-0489

The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory.

4.9CVSS5.8AI score0.00079EPSS

CVE•added 2006/05/22 4:6 p.m.•62 views

CVE-2006-1857

Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk.

9CVSS7.8AI score0.04596EPSS

CVE•added 2006/05/27 10:2 a.m.•60 views

CVE-2006-2629

Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing the /proc entry of a task that is exiting, which causes memory corruption that leads to a failure i...

4CVSS6.4AI score0.00178EPSS

CVE•added 2006/05/18 7:6 p.m.•56 views

CVE-2006-1855

choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process.

2.1CVSS6.9AI score0.00089EPSS

CVE•added 2006/05/22 4:6 p.m.•55 views

CVE-2006-1858

SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.

7.8CVSS7.6AI score0.1139EPSS

CVE•added 2006/05/09 8:0 p.m.•54 views

CVE-2005-4798

Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client.

5CVSS7.3AI score0.00892EPSS

CVE•added 2006/05/12 1:2 a.m.•51 views

CVE-2006-1860

lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack.

2.1CVSS7.3AI score0.00107EPSS

CVE•added 2006/05/31 10:0 a.m.•47 views

CVE-2004-0997

Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors.

4.6CVSS6.1AI score0.00067EPSS

CVE•added 2006/05/12 1:2 a.m.•47 views

CVE-2006-1859

Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an "uninitialised return value," aka "slab leak."

2.1CVSS7.2AI score0.00074EPSS

CVE•added 2006/05/24 5:6 p.m.•41 views

CVE-2006-1862

The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of service (panic) by running lsof a large number of times in a way that produces a heavy system load.

4.9CVSS5.8AI score0.0005EPSS