Linux Kernel
by Linux
CVEs (36)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-1137 | 0.05 | — | 0.21 | Jan 10, 2005 | Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the… | |||
| CVE-2005-0916 | 0.03 | — | 0.01 | May 2, 2005 | AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes… | |||
| CVE-2004-1074 | 0.03 | — | 0.01 | Jan 10, 2005 | The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. | |||
| CVE-2004-1073 | 0.03 | — | 0.01 | Jan 10, 2005 | The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality. | |||
| CVE-2005-1041 | 0.00 | — | 0.00 | May 2, 2005 | The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route. | |||
| CVE-2005-0210 | 0.00 | — | 0.00 | May 2, 2005 | Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice. | |||
| CVE-2005-0529 | 0.00 | — | 0.01 | May 2, 2005 | Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context. | |||
| CVE-2005-0137 | 0.00 | — | 0.00 | May 2, 2005 | Linux kernel 2.6 on Itanium (ia64) architectures allows local users to cause a denial of service via a "missing Itanium syscall table entry." | |||
| CVE-2005-0001 | 0.00 | — | 0.01 | May 2, 2005 | Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and… | |||
| CVE-2005-0135 | 0.00 | — | 0.00 | May 2, 2005 | The unw_unwind_to_user function in unwind.c on Itanium (ia64) architectures in Linux kernel 2.6 allows local users to cause a denial of service (system crash). | |||
| CVE-2005-0530 | 0.00 | — | 0.00 | May 2, 2005 | Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument. | |||
| CVE-2005-1368 | 0.00 | — | 0.00 | May 2, 2005 | The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP. | |||
| CVE-2005-0400 | 0.00 | — | 0.00 | May 2, 2005 | The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. | |||
| CVE-2005-0839 | 0.00 | — | 0.00 | May 2, 2005 | Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions. | |||
| CVE-2005-0209 | 0.00 | — | 0.03 | May 2, 2005 | Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments. | |||
| CVE-2005-0204 | 0.00 | — | 0.00 | May 2, 2005 | Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T architectures, allows local users to write to privileged IO ports via the OUTS instruction. | |||
| CVE-2005-0531 | 0.00 | — | 0.01 | May 2, 2005 | The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments. | |||
| CVE-2005-0867 | 0.00 | — | 0.00 | May 2, 2005 | Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file. | |||
| CVE-2005-0977 | 0.00 | — | 0.00 | May 2, 2005 | The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address. | |||
| CVE-2005-0207 | 0.00 | — | 0.00 | May 2, 2005 | Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT. |
- CVE-2004-1137Jan 10, 2005risk 0.05cvss —epss 0.21
Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the…
- CVE-2005-0916May 2, 2005risk 0.03cvss —epss 0.01
AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes…
- CVE-2004-1074Jan 10, 2005risk 0.03cvss —epss 0.01
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
- CVE-2004-1073Jan 10, 2005risk 0.03cvss —epss 0.01
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
- CVE-2005-1041May 2, 2005risk 0.00cvss —epss 0.00
The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route.
- CVE-2005-0210May 2, 2005risk 0.00cvss —epss 0.00
Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice.
- CVE-2005-0529May 2, 2005risk 0.00cvss —epss 0.01
Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context.
- CVE-2005-0137May 2, 2005risk 0.00cvss —epss 0.00
Linux kernel 2.6 on Itanium (ia64) architectures allows local users to cause a denial of service via a "missing Itanium syscall table entry."
- CVE-2005-0001May 2, 2005risk 0.00cvss —epss 0.01
Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and…
- CVE-2005-0135May 2, 2005risk 0.00cvss —epss 0.00
The unw_unwind_to_user function in unwind.c on Itanium (ia64) architectures in Linux kernel 2.6 allows local users to cause a denial of service (system crash).
- CVE-2005-0530May 2, 2005risk 0.00cvss —epss 0.00
Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.
- CVE-2005-1368May 2, 2005risk 0.00cvss —epss 0.00
The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP.
- CVE-2005-0400May 2, 2005risk 0.00cvss —epss 0.00
The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.
- CVE-2005-0839May 2, 2005risk 0.00cvss —epss 0.00
Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions.
- CVE-2005-0209May 2, 2005risk 0.00cvss —epss 0.03
Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments.
- CVE-2005-0204May 2, 2005risk 0.00cvss —epss 0.00
Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T architectures, allows local users to write to privileged IO ports via the OUTS instruction.
- CVE-2005-0531May 2, 2005risk 0.00cvss —epss 0.01
The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.
- CVE-2005-0867May 2, 2005risk 0.00cvss —epss 0.00
Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file.
- CVE-2005-0977May 2, 2005risk 0.00cvss —epss 0.00
The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address.
- CVE-2005-0207May 2, 2005risk 0.00cvss —epss 0.00
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.
Page 1 of 2