Filtered by vendor Linux
Subscribe
Total
6322 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3642 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.8 HIGH | N/A |
| The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before 2.6.20.15, 2.6.21.x before 2.6.21.6, and before 2.6.22 allows remote attackers to cause a denial of service (crash) via an encoded, out-of-range index value for a choice field, which triggers a NULL pointer dereference. | |||||
| CVE-2007-3105 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.6 MEDIUM | N/A |
| Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size, which triggers writing random numbers to the stack by the pool transfer function involving "bound check ordering". NOTE: this issue might only cross privilege boundaries in environments that have granular assignment of privileges for root. | |||||
| CVE-2007-2480 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.6 MEDIUM | N/A |
| The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applications. | |||||
| CVE-2007-2172 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2023-11-07 | 4.7 MEDIUM | N/A |
| A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions. | |||||
| CVE-2007-1592 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket. | |||||
| CVE-2006-7203 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.0 MEDIUM | N/A |
| The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs"). | |||||
| CVE-2006-6535 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 9.4 HIGH | N/A |
| The dev_queue_xmit function in Linux kernel 2.6 can fail before calling the local_bh_disable function, which could lead to data corruption and "node lockups." NOTE: it is not clear whether this issue is exploitable. | |||||
| CVE-2006-6333 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.8 HIGH | N/A |
| The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the wrong flag to the ip_summed field, which allows remote attackers to cause a denial of service (memory corruption) via crafted packets that cause the kernel to interpret another field as an offset. | |||||
| CVE-2006-5751 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.2 HIGH | N/A |
| Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request. | |||||
| CVE-2006-5619 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels. | |||||
| CVE-2006-5174 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer. | |||||
| CVE-2006-5173 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access. | |||||
| CVE-2006-4538 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries. | |||||
| CVE-2006-4535 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are also affected, due to backporting of the CVE-2006-3745 patch. | |||||
| CVE-2006-3634 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4 to 2.6.18-rc2 perform the atomic futex operation in the kernel address space instead of the user address space, which allows local users to cause a denial of service (crash). | |||||
| CVE-2006-3626 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 6.2 MEDIUM | N/A |
| Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root. | |||||
| CVE-2006-2451 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.6 MEDIUM | N/A |
| The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions. | |||||
| CVE-2006-2445 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.0 MEDIUM | N/A |
| Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting. | |||||
| CVE-2006-2071 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs. | |||||
| CVE-2006-1860 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack. | |||||