Filtered by vendor Linux
Subscribe
Total
6119 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0883 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2023-12-10 | 6.4 MEDIUM | N/A |
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function. | |||||
CVE-2005-0449 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.1 HIGH | N/A |
The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function. | |||||
CVE-2006-0036 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.8 HIGH | N/A |
ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows remote attackers to cause a denial of service (memory corruption or crash) via an inbound PPTP_IN_CALL_REQUEST packet that causes a null pointer to be used in an offset calculation. | |||||
CVE-2005-0916 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes exit_aio and is_hugepage_only_range to fail. | |||||
CVE-2005-0179 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call. | |||||
CVE-2005-2458 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables". | |||||
CVE-2006-4145 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.9 MEDIUM | N/A |
The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command. | |||||
CVE-2005-0767 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 6.9 MEDIUM | N/A |
Race condition in the Radeon DRI driver for Linux kernel 2.6.8.1 allows local users with DRI privileges to execute arbitrary code as root. | |||||
CVE-2005-3179 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information. | |||||
CVE-2005-3660 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.9 MEDIUM | N/A |
Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process to become a zombie, or closing the file descriptor without closing an associated reference. | |||||
CVE-2004-0812 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop | 2023-12-10 | 2.1 LOW | N/A |
Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code. | |||||
CVE-2006-2936 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.8 HIGH | N/A |
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued. | |||||
CVE-2006-1857 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 9.0 HIGH | N/A |
Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk. | |||||
CVE-2006-1055 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.9 MEDIUM | N/A |
The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read. | |||||
CVE-2005-0937 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 1.2 LOW | N/A |
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions. | |||||
CVE-2006-1859 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an "uninitialised return value," aka "slab leak." | |||||
CVE-2006-1858 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.8 HIGH | N/A |
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters. | |||||
CVE-2005-4635 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages. | |||||
CVE-2005-2553 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a 64-bit executable program. | |||||
CVE-2005-3753 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.8 HIGH | N/A |
Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker. |