Filtered by vendor Linux
Subscribe
Total
6218 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0554 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 1.7 LOW | N/A |
| Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data. | |||||
| CVE-2006-0096 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.2 HIGH | N/A |
| wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to exploit, since it is protected by CAP_NET_ADMIN; thus it might not be a vulnerability, although capabilities provide finer distinctions between privilege levels. | |||||
| CVE-2006-0037 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows local users to cause a denial of service (memory corruption or crash) via a crafted outbound packet that causes an incorrect offset to be calculated from pointer arithmetic when non-linear SKBs (socket buffers) are used. | |||||
| CVE-2006-0036 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.8 HIGH | N/A |
| ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows remote attackers to cause a denial of service (memory corruption or crash) via an inbound PPTP_IN_CALL_REQUEST packet that causes a null pointer to be used in an offset calculation. | |||||
| CVE-2006-0035 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to cause a denial of service (infinite loop) via a nlmsg_len field of 0. | |||||
| CVE-2005-4886 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.8 HIGH | N/A |
| The selinux_parse_skb_ipv6 function in security/selinux/hooks.c in the Linux kernel before 2.6.12-rc4 allows remote attackers to cause a denial of service (OOPS) via vectors associated with an incorrect call to the ipv6_skip_exthdr function. | |||||
| CVE-2005-4881 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the (1) tc_fill_qdisc, (2) tcf_fill_node, (3) neightbl_fill_info, (4) neightbl_fill_param_info, (5) neigh_fill_info, (6) rtnetlink_fill_ifinfo, (7) rtnetlink_fill_iwinfo, (8) vif_delete, (9) ipmr_destroy_unres, (10) ipmr_cache_alloc_unres, (11) ipmr_cache_resolve, (12) inet6_fill_ifinfo, (13) tca_get_fill, (14) tca_action_flush, (15) tcf_add_notify, (16) tc_dump_action, (17) cbq_dump_police, (18) __nlmsg_put, (19) __rta_fill, (20) __rta_reserve, (21) inet6_fill_prefix, (22) rsvp_dump, and (23) cbq_dump_ovl functions. | |||||
| CVE-2005-4798 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 5.0 MEDIUM | N/A |
| Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client. | |||||
| CVE-2005-4635 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 5.0 MEDIUM | N/A |
| The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages. | |||||
| CVE-2005-4618 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 3.6 LOW | N/A |
| Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified. | |||||
| CVE-2005-3857 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function. | |||||
| CVE-2005-3848 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.8 HIGH | N/A |
| Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply." | |||||
| CVE-2005-3807 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function. | |||||
| CVE-2005-3806 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 6.6 MEDIUM | N/A |
| The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory. | |||||
| CVE-2005-3805 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service (deadlock) involving process CPU timers. | |||||
| CVE-2005-3784 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges. | |||||
| CVE-2005-3783 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14.2, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, which allows local users to cause a denial of service (crash). | |||||
| CVE-2005-3527 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.0 MEDIUM | N/A |
| Race condition in do_coredump in signal.c in Linux kernel 2.6 allows local users to cause a denial of service by triggering a core dump in one thread while another thread has a pending SIGSTOP. | |||||
| CVE-2005-3276 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information. | |||||
| CVE-2005-3275 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.6 LOW | N/A |
| The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption. | |||||