Lucene search
K

109 matches found

CVE
CVE
added 2006/04/26 6:0 p.m.103 views

CVE-2006-1864

CVE-2006-1864: Directory traversal in smbfs (Linux kernel 2.6.16 and earlier) lets a local user escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences. Severity: CVSS v2 base 4.6 (Medium); vectors indicate LOCAL access with low complexity and partial confidentiality/integrit...

4.6CVSS7.2AI score0.0116EPSS
CVE
CVE
added 2006/08/23 7:0 p.m.102 views

CVE-2006-2932

CVE-2006-2932 is a regression in the restore_all code path of the 4/4GB split support for non-hugemem kernels in Red Hat Enterprise Linux 4 (Desktop/Enterprise) that allows a local user to cause a denial of service (panic) via unspecified vectors. The issue is documented in Red Hat advisories RHS...

4.9CVSS7.3AI score0.00384EPSS
CVE
CVE
added 2006/04/20 10:0 a.m.101 views

CVE-2006-1056

CVE-2006-1056 : A vulnerability in the Linux kernel (before 2.6.16.9) and FreeBSD on AMD64/7th–8th gen AMD processors causes FXSAVE/FXRSTOR to save/restore only certain x87 registers when an exception is pending. This can allow a local attacker to infer portions of the floating‑point state of oth...

2.1CVSS5AI score0.00448EPSS
CVE
CVE
added 2006/07/05 6:0 p.m.100 views

CVE-2006-2935

CVE-2006-2935 affects the Linux kernel starting with 2.2.16 and later, where the dvd_read_bca function in the DVD handling code (drivers/cdrom/cdrom.c) assigns the wrong value to a length variable, enabling a local user to trigger a buffer overflow via a crafted USB Storage device and execute arb...

4.6CVSS7.4AI score0.00575EPSS
CVE
CVE
added 2006/05/19 10:0 p.m.99 views

CVE-2006-0039

CVE-2006-0039 is a race condition in the Linux kernel 2.6.16 netfilter do_add_counters that can allow a local user with CAP_NET_ADMIN to trigger a buffer over-read in IPT_ENTRY_ITERATE, enabling read of kernel memory. Public advisories (Ubuntu USN-311-1, Red Hat RHSA-2006:0689, Debian DSA-1097/11...

4.7CVSS7.1AI score0.00296EPSS
CVE
CVE
added 2006/05/26 10:0 p.m.96 views

CVE-2004-2660

CVE-2004-2660 is a vulnerability in the Linux kernel (2.6.x) where a memory leak in direct-io.c affects O_DIRECT write paths. Impact is local denial of service through memory consumption. The issue is fixed in the 2.6.10 update (as reflected by the ChangeLog-2.6.10 and related advisories); apply ...

4.9CVSS6.9AI score0.00389EPSS
CVE
CVE
added 2006/09/05 7:0 p.m.95 views

CVE-2006-4538

CVE-2006-4538 describes a vulnerability in Linux kernel 2.6.17 and earlier on Itanium (IA64) and SPARC where a malformed ELF image can trigger cross-region memory mappings, allowing a local attacker to crash the system (denial of service). The root cause is in ELF handling that permits cross-regi...

4.9CVSS5.8AI score0.0041EPSS
CVE
CVE
added 2006/05/03 10:0 p.m.93 views

CVE-2006-1527

CVE-2006-1527 affects the SCTP-netfilter code in the Linux kernel; an invalid SCTP chunk size can cause for_each_sctp_chunk to loop indefinitely, enabling a remote attacker to trigger a denial of service. The issue is in kernels prior to 2.6.16.13 and is addressed by the upstream 2.6.16.13 patch....

5CVSS7.1AI score0.03815EPSS
CVE
CVE
added 2006/07/18 9:0 p.m.93 views

CVE-2006-3468

CVE-2006-3468 affects the Linux kernel 2.6.x when NFS and EXT3 are used. A remote attacker can trigger a denial of service by sending a crafted UDP packet containing a V2 lookup procedure that specifies a bad file handle (inode number). This triggers an error and causes the exported directory to ...

7.8CVSS7AI score0.1569EPSS
CVE
CVE
added 2006/08/23 7:0 p.m.92 views

CVE-2006-3745

CVE-2006-3745 affects the SCTP implementation in Linux 2.6.x (before 2.6.17.10) and 2.4.x (up to 2.4.33). The vulnerability resides in sctp_make_abort_user and allows a local user to cause a denial of service (panic) and potentially gain root privileges via unspecified attack vectors. Connected s...

7.2CVSS7.2AI score0.00423EPSS
CVE
CVE
added 2006/10/09 11:0 p.m.92 views

CVE-2006-4997

CVE-2006-4997 involves the Linux kernel ATM subsystem (clip_mkip in net/atm/clip.c). The issue allows a remote attacker to trigger a denial of service (panic) by causing the ATM subsystem to dereference memory of socket buffers after they have been freed. This is triggered by memory access patter...

7.5CVSS7AI score0.04722EPSS
CVE
CVE
added 2006/10/31 7:0 p.m.92 views

CVE-2006-5619

The CVE-2006-5619 issue is a Linux kernel 2.6.x vulnerability (up to 2.6.18-stable) where the /proc/net/ip6_flowlabel path handling can trigger an infinite loop while searching for flowlabels, allowing local users to cause a denial of service (hang or oops). Affected components are the ip6_fl_get...

2.1CVSS7.1AI score0.00407EPSS
CVE
CVE
added 2006/05/25 10:0 a.m.90 views

CVE-2006-2444

CVE-2006-2444 affects the Linux kernel SNMP NAT Netfilter processing. The vulnerability in snmp_trap_decode (kernel = 2.6.16.18) or applying vendor patches where applicable. No additional exploitation details are provided in the documents.

7.8CVSS7.2AI score0.20561EPSS
CVE
CVE
added 2006/07/15 1:6 a.m.89 views

CVE-2006-3626

CVE-2006-3626 is a local-privilege-escalation flaw in the Linux kernel (affected: 2.6.17.4 and earlier) caused by a race in the proc filesystem via prctl(PR_SET_DUMPABLE) that can set /proc/self/environ to setuid root. Exploitation would require local access and is not described as remote. The is...

6.2CVSS7.3AI score0.02203EPSS
CVE
CVE
added 2006/08/21 7:0 p.m.88 views

CVE-2006-4145

CVE-2006-4145 affects the Linux kernel UDF filesystem driver (2.6.17 and earlier). The issue allows a local user to trigger a hang or crash by performing operations on truncated files (illustrated via dd). Public documents in connected feeds confirm this CVE and indicate that updated kernel packa...

4.9CVSS6.8AI score0.00434EPSS
CVE
CVE
added 2006/08/21 9:0 p.m.87 views

CVE-2006-4093

CVE-2006-4093 affects Linux kernel 2.x on PowerPC PPC970: HID0 attention enable at boot time can crash the kernel (denial of service). Vulnerable: 2.6.x up to 2.6.17.9 and 2.4.x up to 2.4.33.1. Exploitation details are not provided in the initial documents, but multiple advisories (e.g., RHSA, SU...

4.9CVSS7AI score0.00459EPSS
CVE
CVE
added 2006/12/20 2:0 a.m.87 views

CVE-2006-4814

CVE-2006-4814 is a mincore-related Linux kernel vulnerability restricted to older kernels (before 2.4.33.6) where access to user space was not properly locked, potentially causing a system hang (deadlock). Public sources in connected advisories confirm this CVE as part of multiple kernel updates,...

4.6CVSS5.1AI score0.00982EPSS
CVE
CVE
added 2006/12/02 2:0 a.m.87 views

CVE-2006-5751

CVE-2006-5751 concerns the Linux kernel (pre-2.6.18.4) where an integer overflow in get_fdb_entries (net/bridge/br_ioctl.c) allows a local user to trigger arbitrary code execution by supplying a large maxnum in an ioctl. The issue is rooted in kernel networking bridge ioctl handling and could ena...

7.2CVSS7.4AI score0.00457EPSS
CVE
CVE
added 2006/01/03 4:0 p.m.86 views

CVE-2005-4605

CVE-2005-4605 concerns the Linux kernel procfs implementation. A signedness error in the proc_misc.c code (pre-2.6.15) allows a local attacker to read sensitive kernel memory by manipulating a signed value added to an unsigned value, disclosed via /proc interactions. Public reports document the a...

2.1CVSS4.6AI score0.01047EPSS
Web
CVE
CVE
added 2006/05/05 10:0 a.m.86 views

CVE-2006-1052

CVE-2006-1052 affects SELinux ptrace logic in SELinux for Linux 2.6.6. It allows local users with ptrace permissions to change the tracer SID to the SID of another process (local privilege impact). Public advisories (e.g., Debian DSA-1184-1/DSA-1184-2 and RHSA-2006:0575) indicate kernel updates m...

2.1CVSS7.2AI score0.00427EPSS
CVE
CVE
added 2006/04/25 10:0 p.m.86 views

CVE-2006-1863

CVE-2006-1863 is a directory traversal vulnerability in CIFS on Linux 2.6.16 and earlier that allows a local user to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences. The issue is mitigated by applying a kernel update (e.g., as per ChangeLog-2.6.16.11). Mode: C (detail...

2.1CVSS7.2AI score0.01016EPSS
CVE
CVE
added 2006/11/09 11:0 a.m.86 views

CVE-2006-5823

CVE-2006-5823 is a Linux kernel issue affecting the cramfs file system in 2.6.x where malformed compressed data can trigger memory corruption, leading to a local-denial crash. Connected advisories (RHSA-2007:0436, RHSA-2007:0014, and corresponding openvas entries) enumerate the cramfs memory corr...

4CVSS6.9AI score0.00361EPSS
CVE
CVE
added 2006/11/22 1:0 a.m.86 views

CVE-2006-6054

The CVE-2006-6054 issue affects the Linux kernel 2.6.x ext2 file system code, where a malformed ext2 stream can cause ext2_check_page to crash due to a length smaller than the minimum, enabling a local denial of service. Several connected advisories indicate this flaw was fixed in kernel updates ...

4CVSS7AI score0.00463EPSS
CVE
CVE
added 2006/11/22 1:0 a.m.86 views

CVE-2006-6058

CVE-2006-6058 affects the Linux kernel 2.6.x up to 2.6.24 (including 2.6.18). Local users can cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in minix_bmap. The issue may involve an integer overflow or signedness error. The documented fix is a ker...

4CVSS6AI score0.00477EPSS
CVE
CVE
added 2006/07/07 6:0 p.m.84 views

CVE-2006-2451

The CVE-2006-2451 issue affects Linux kernel 2.6.13 up to 2.6.17.4 inclusive, and 2.6.16 up to 2.6.16.24, where the suid_dumpable handling enables a local user to cause disk-based denial of service and potentially gain privileges via PR_SET_DUMPABLE when a core dump is created in a directory the ...

4.6CVSS6.1AI score0.04387EPSS
CVE
CVE
added 2006/12/19 7:0 p.m.84 views

CVE-2006-6106

The CVE-2006-6106 entry describes several buffer overflows in the Bluetooth driver (net/bluetooth/cmtp/capi.c) of the Linux kernel, specifically in the cmtp_recv_interopmsg function. Affected products/versions include Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 up to 2.6.18.5, with 2.6.19.x also...

7.5CVSS7.8AI score0.05605EPSS
CVE
CVE
added 2006/12/14 8:0 p.m.84 views

CVE-2006-6304

The CVE-2006-6304 issue affects Linux kernel 2.6.19 where do_coredump in fs/exec.c sets the O_EXCL flag but does not use it, enabling a context-dependent attacker to modify arbitrary files via a core-dump rewrite attack. A fix is available in the kernel changelog (2.6.19.1) and related advisories...

7.5CVSS7AI score0.0245EPSS
CVE
CVE
added 2006/10/09 11:0 p.m.83 views

CVE-2006-3741

CVE-2006-3741 concerns the perfmonctl (sys_perfmonctl) system call in Linux kernels 2.4.x and 2.6.x prior to 2.6.18 on Itanium. The issue is an improper reference-count accounting for file descriptors, which can allow local users to exhaust file descriptors and cause a denial of service. The desc...

4.9CVSS7AI score0.00425EPSS
CVE
CVE
added 2006/03/02 1:0 a.m.82 views

CVE-2005-3359

CVE-2005-3359 affects Linux kernel 2.6.x (atm module) where certain socket calls can produce inconsistent references counts on loadable protocol modules, enabling a local user to trigger a denial of service (panic). Publicly documented in Debian/DSA-1103-1 and Red Hat/CESA-RHSA-2006:0493 style ad...

4.9CVSS5.8AI score0.00556EPSS
CVE
CVE
added 2006/03/09 11:0 a.m.81 views

CVE-2006-0742

CVE-2006-0742 affects the Linux kernel on IA-64 (Itanium) where the die_if_kernel function in arch/ia64/kernel/unaligned.c is compiled with the noreturn attribute. In kernels 2.6.x before 2.6.15.6, this can allow local users to trigger user faults that lead to a denial of service. The root cause ...

4.6CVSS6.9AI score0.00391EPSS
CVE
CVE
added 2006/05/19 11:0 p.m.81 views

CVE-2006-1856

CVE-2006-1856 is a confirmed issue in the Linux kernel up to 2.6.8 where the readv and writev LSM hooks could be bypassed due to a missing file_permission check. The Debian advisory DSA-1184-2 and related distributions (e.g., Ubuntu USN-302-1) document this as one of several vulnerabilities fixed...

7.5CVSS7.2AI score0.02924EPSS
CVE
CVE
added 2006/11/06 8:0 p.m.81 views

CVE-2006-5757

CVE-2006-5757 is a local privilege vulnerability in the Linux kernel (2.6.x) related to the __find_get_block_slow function within the ISO9660 filesystem. The issue allows a local user to trigger a denial of service (infinite loop) by mounting a crafted ISO9660 image containing malformed data stru...

1.2CVSS7.1AI score0.00763EPSS
CVE
CVE
added 2006/09/22 9:0 p.m.80 views

CVE-2005-4811

CVE-2005-4811 concerns the Linux 2.6 kernel hugepage code (hugetlb.c). In certain configurations, a local user could trigger an mmap error before a prefault, causing an error in unmap_hugepage_area and potentially crash the system (local DoS). The connected advisories confirm this as a kernel fla...

4.9CVSS7.1AI score0.00392EPSS
CVE
CVE
added 2006/05/18 7:0 p.m.80 views

CVE-2006-1528

CVE-2006-1528 affects the Linux kernel prior to 2.6.13. The vulnerability arises in the sg (SCSI generic) driver’s handling of memory-mapped I/O space during a dio transfer, allowing a local user to trigger a crash ( Denial of Service ). The connected documents confirm the issue is located in the...

4.9CVSS6.9AI score0.00441EPSS
CVE
CVE
added 2006/04/27 5:0 p.m.80 views

CVE-2006-2071

CVE-2006-2071 affects Linux kernels 2.4.x and 2.6.x up to 2.6.16. It arises from a flaw in the mprotect handling that allowed a local user to grant write permission to a read-only attachment of a shared memory segment, bypassing IPC permissions and enabling modification of the attachment. Reporte...

2.1CVSS7.2AI score0.00411EPSS
CVE
CVE
added 2006/06/23 10:0 a.m.80 views

CVE-2006-2448

Concrete details found: CVE-2006-2448 affects the Linux kernel on PowerPC, specifically versions before 2.6.16.21 and 2.6.17. The root cause is missing access_ok checks in PowerPC signal handling (signal_64.c, potentially signal_32.c). Impact as stated: local users could read arbitrary kernel mem...

5.6CVSS7.2AI score0.00366EPSS
CVE
CVE
added 2006/01/23 10:0 p.m.79 views

CVE-2005-3356

CVE-2005-3356 is a kernel vulnerability in Linux 2.6.x where the mq_open system call can be tricked into decrementing an internal counter twice, potentially leading to a kernel panic and local denial of service. The connected documents describe the root cause as a faulty sequence in mntput/dentry...

2.1CVSS4.5AI score0.00427EPSS
CVE
CVE
added 2006/04/18 10:0 a.m.79 views

CVE-2006-0744

CVE-2006-0744 affects the Linux kernel before 2.6.16.5. The issue arises from handling uncanonical return addresses on Intel EM64T CPUs, where an exception is reported in SYSRET instead of the next instruction, causing the kernel exception handler to run on the user stack with an incorrect GS. Im...

4.9CVSS7.1AI score0.00465EPSS
CVE
CVE
added 2006/07/10 7:0 p.m.79 views

CVE-2006-2936

CVE-2006-2936 affects the ftdi_sio USB/serial driver in Linux kernels 2.6.x (up to at least 2.6.17). The issue lets local users trigger memory consumption DoS by writing more data to a serial port than the hardware can handle, causing queued data and potential resource exhaustion. Public referenc...

7.8CVSS7AI score0.02906EPSS
CVE
CVE
added 2006/09/19 7:0 p.m.79 views

CVE-2006-4535

CVE-2006-4535 describes a local denial-of-service in the Linux kernel SCTP implementation where a socket with a specific SO_LINGER value can crash the kernel. Affected are kernel versions 2.6.17.10, 2.6.17.11 and 2.6.18-rc5 (and older kernels backported CVE-2006-3745 patches). Public sources (Red...

4.9CVSS7.1AI score0.00434EPSS
CVE
CVE
added 2006/11/22 1:0 a.m.79 views

CVE-2006-6053

CVE-2006-6053 affects the Linux kernel 2.6.x: the ext3fs_dirhash function can crash the kernel via a malformed ext3 stream, enabling a local user to cause a denial of service. The issue is tied to the ext3 filesystem code in the 2.6.x series and is listed among kernel vulnerabilities addressed by...

4.9CVSS6.9AI score0.0052EPSS
CVE
CVE
added 2006/03/27 12:0 a.m.78 views

CVE-2006-1066

CVE-2006-1066 is tied to the Linux kernel prior to 2.6.16 on x86_64 with preemption enabled. The vulnerability allows a local attacker to trigger a denial of service (oops) by using multiple ptrace tasks performing single steps, which can cause corruption of the DEBUG_STACK stack during the do_de...

1.2CVSS5.2AI score0.0034EPSS
CVE
CVE
added 2006/03/21 6:0 p.m.78 views

CVE-2006-1343

The connected Debian advisory (DSA-1184-2) confirms CVE-2006-1343 as a local information-leak in the Linux 2.6.8 kernel (kernel-source-2.6.8), caused by an information leak in the getsockopt system call that can let a local user leak potentially sensitive memory to userspace. Affected architectur...

2.1CVSS7AI score0.0042EPSS
CVE
CVE
added 2006/10/03 11:0 p.m.78 views

CVE-2006-5158

CVE-2006-5158 affects the Linux kernel’s NFS lockd (nlmclnt_mark_reclaim in clntlock.c). The connected advisories (RHSA-2007-0488, CESAs for RHEL/CentOS, SL) describe a vulnerability in NFS locking daemon that can cause a denial of service (deadlock) or kernel oops via NULL dereference, allowing ...

7.5CVSS7.1AI score0.03473EPSS
CVE
CVE
added 2006/09/11 5:0 p.m.77 views

CVE-2006-4623

The vulnerability CVE-2006-4623 affects the Linux kernel DVB ULE decapsulation path: Unidirectional Lightweight Encapsulation (ULE) in dvb-core/dvb_net.c of the kernel 2.6.17.8. A remote attacker can cause a denial of service (crash) by sending a ULE packet with an SNDU length of 0. Public adviso...

7.8CVSS7AI score0.04012EPSS
CVE
CVE
added 2006/04/19 6:0 p.m.76 views

CVE-2006-1525

CVE-2006-1525 affects the Linux kernel 2.6 series (before 2.6.16.8). The vulnerability arises in ip_route_input, where a local user can trigger a NULL pointer dereference by requesting a route for a multicast IP address, leading to a denial of service (panic). Public references in Debian/DSA advi...

4.9CVSS5.7AI score0.00438EPSS
CVE
CVE
added 2006/05/22 4:0 p.m.76 views

CVE-2006-1857

The CVE-2006-1857 entry describes a buffer overflow in the SCTP implementation of the Linux kernel up to version 2.6.16.17. A remote attacker could trigger this via a malformed HB-ACK chunk, potentially causing a crash (DoS) and possibly executing arbitrary code. A fix is available in kernel 2.6....

9CVSS7.8AI score0.06797EPSS
CVE
CVE
added 2006/06/30 9:0 p.m.76 views

CVE-2006-2934

CVE-2006-2934 is a kernel-level DoS in SCTP conntrack (netfilter) for Linux kernels 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23, where a crafted packet without chunks can trigger a value bug leading to a NULL dereference and crash. The connected advisories reference upstream kernel patches...

5CVSS7.1AI score0.05102EPSS
CVE
CVE
added 2006/10/05 9:0 p.m.76 views

CVE-2006-5174

CVE-2006-5174 concerns the Linux kernel 2.6 copy_from_user() implementation on s390/s390x where a local user could read kernel memory due to improper clearing of a kernel buffer. Affected platform: Linux kernel 2.6 before 2.6.19-rc1 on s390. The issue is an information leak (partial confidentiali...

2.1CVSS7AI score0.00417EPSS
CVE
CVE
added 2006/03/22 8:0 p.m.75 views

CVE-2006-0038

The CVE-2006-0038 issue is a local kernel vulnerability in Linux 2.6.x where arithmetic in netfilter’s do_replace() can overflow a buffer. Exploitation requires CAP_NET_ADMIN rights and is tied to virtualization environments (e.g., OpenVZ). The advisory notes that this can lead to arbitrary code ...

6.9CVSS7.5AI score0.00402EPSS
Total number of security vulnerabilities109