VYPR

Kernel

by Linux

Source repositories

CVEs (15,869)

  • CVE-2006-7051Feb 24, 2007
    risk 0.03cvss epss 0.01

    The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in…

  • CVE-2006-5757Nov 6, 2006
    risk 0.03cvss epss 0.01

    Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures.

  • CVE-2006-5701Nov 3, 2006
    risk 0.03cvss epss 0.01

    Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem.

  • CVE-2006-2451Jul 7, 2006
    risk 0.03cvss epss 0.04

    The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program…

  • CVE-2006-2629May 27, 2006
    risk 0.03cvss epss 0.01

    Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing the /proc entry of a task that is exiting, which causes memory corruption that…

  • CVE-2006-1864Apr 26, 2006
    risk 0.03cvss epss 0.01

    Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1863.

  • CVE-2006-1342Mar 21, 2006
    risk 0.03cvss epss 0.01

    net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory.

  • CVE-2005-4605Dec 31, 2005
    risk 0.03cvss epss 0.01

    The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.

  • CVE-2005-3857Nov 27, 2005
    risk 0.03cvss epss 0.01

    The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function.

  • CVE-2005-3808Nov 25, 2005
    risk 0.03cvss epss 0.01

    Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system.

  • CVE-2005-3807Nov 25, 2005
    risk 0.03cvss epss 0.01

    Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync…

  • CVE-2005-2973Oct 27, 2005
    risk 0.03cvss epss 0.01

    The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).

  • CVE-2005-3257Oct 18, 2005
    risk 0.03cvss epss 0.01

    The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.

  • CVE-2005-2800Sep 6, 2005
    risk 0.03cvss epss 0.01

    Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled…

  • CVE-2005-1589May 17, 2005
    risk 0.03cvss epss 0.01

    The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space…

  • CVE-2005-1263May 11, 2005
    risk 0.03cvss epss 0.02

    The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative…

  • CVE-2005-0916May 2, 2005
    risk 0.03cvss epss 0.01

    AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes…

  • CVE-2004-1235Apr 14, 2005
    risk 0.03cvss epss 0.03

    Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

  • CVE-2005-0750Mar 27, 2005
    risk 0.03cvss epss 0.01

    The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

  • CVE-2005-0736Mar 9, 2005
    risk 0.03cvss epss 0.02

    Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.

Page 593 of 794