Filtered by vendor Linux
Subscribe
Total
6218 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2099 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 5.0 MEDIUM | N/A |
| The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null dereference in the keyring destructor. | |||||
| CVE-2005-2098 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 5.0 MEDIUM | N/A |
| The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM. | |||||
| CVE-2005-1762 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 2.1 LOW | N/A |
| The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address. | |||||
| CVE-2005-1369 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 2.1 LOW | N/A |
| The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function. | |||||
| CVE-2005-1368 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 1.2 LOW | N/A |
| The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP. | |||||
| CVE-2005-1265 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 2.1 LOW | N/A |
| The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash). | |||||
| CVE-2005-1264 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 7.2 HIGH | N/A |
| Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589. | |||||
| CVE-2005-1263 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 7.2 HIGH | N/A |
| The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pass a signed integer comparison, leading to a buffer overflow. | |||||
| CVE-2005-1041 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 2.1 LOW | N/A |
| The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route. | |||||
| CVE-2005-0867 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 7.2 HIGH | N/A |
| Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file. | |||||
| CVE-2005-0756 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 2.1 LOW | N/A |
| ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash). | |||||
| CVE-2005-0124 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 2.1 LOW | N/A |
| The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow. | |||||
| CVE-2006-3085 | 1 Linux | 1 Linux Kernel | 2018-10-18 | 7.8 HIGH | N/A |
| xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length. | |||||
| CVE-2006-1864 | 1 Linux | 1 Linux Kernel | 2018-10-18 | 4.6 MEDIUM | N/A |
| Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1863. | |||||
| CVE-2006-1624 | 1 Linux | 1 Linux Kernel | 2018-10-18 | 7.8 HIGH | N/A |
| The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses. | |||||
| CVE-2006-1242 | 1 Linux | 1 Linux Kernel | 2018-10-18 | 5.0 MEDIUM | N/A |
| The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks. | |||||
| CVE-2017-1000364 | 1 Linux | 1 Linux Kernel | 2018-10-18 | 6.2 MEDIUM | 7.4 HIGH |
| An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010). | |||||
| CVE-2006-6106 | 1 Linux | 1 Linux Kernel | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field. | |||||
| CVE-2006-4623 | 1 Linux | 1 Linux Kernel | 2018-10-17 | 7.8 HIGH | N/A |
| The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet. | |||||
| CVE-2006-4145 | 1 Linux | 1 Linux Kernel | 2018-10-17 | 4.9 MEDIUM | N/A |
| The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command. | |||||