Kernel
by Linux
Source repositories
CVEs (15,869)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-1016 | 0.03 | — | 0.01 | Jan 10, 2005 | The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition. | |||
| CVE-2004-1074 | 0.03 | — | 0.01 | Jan 10, 2005 | The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. | |||
| CVE-2004-1073 | 0.03 | — | 0.01 | Jan 10, 2005 | The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality. | |||
| CVE-2004-1333 | 0.03 | — | 0.01 | Dec 15, 2004 | Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow. | |||
| CVE-2004-1335 | 0.03 | — | 0.01 | Dec 15, 2004 | Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function. | |||
| CVE-2004-0497 | 0.03 | — | 0.01 | Dec 6, 2004 | Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. | |||
| CVE-2004-0415 | 0.03 | — | 0.01 | Nov 23, 2004 | Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. | |||
| CVE-2004-0228 | 0.03 | — | 0.01 | Aug 18, 2004 | Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges. | |||
| CVE-2004-0554 | 0.03 | — | 0.01 | Aug 6, 2004 | Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | |||
| CVE-2004-0424 | 0.03 | — | 0.01 | Jul 7, 2004 | Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | |||
| CVE-2004-2135 | 0.03 | — | 0.01 | May 26, 2004 | cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption. | |||
| CVE-2004-0186 | 0.03 | — | 0.02 | Mar 15, 2004 | smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. | |||
| CVE-2004-0077 | 0.03 | — | 0.02 | Mar 3, 2004 | The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root… | |||
| CVE-2003-0985 | 0.03 | — | 0.01 | Jan 20, 2004 | The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual… | |||
| CVE-2003-0961 | 0.03 | — | 0.03 | Dec 15, 2003 | Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges. | |||
| CVE-2003-0462 | 0.03 | — | 0.01 | Aug 27, 2003 | A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). | |||
| CVE-2003-0501 | 0.03 | — | 0.01 | Aug 7, 2003 | The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries. | |||
| CVE-2003-0127 | 0.03 | — | 0.02 | Mar 31, 2003 | The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | |||
| CVE-2002-1380 | 0.03 | — | 0.01 | Dec 23, 2002 | Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface. | |||
| CVE-2002-0499 | 0.03 | — | 0.01 | Aug 12, 2002 | The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories. |
- CVE-2004-1016Jan 10, 2005risk 0.03cvss —epss 0.01
The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition.
- CVE-2004-1074Jan 10, 2005risk 0.03cvss —epss 0.01
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
- CVE-2004-1073Jan 10, 2005risk 0.03cvss —epss 0.01
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
- CVE-2004-1333Dec 15, 2004risk 0.03cvss —epss 0.01
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
- CVE-2004-1335Dec 15, 2004risk 0.03cvss —epss 0.01
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
- CVE-2004-0497Dec 6, 2004risk 0.03cvss —epss 0.01
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
- CVE-2004-0415Nov 23, 2004risk 0.03cvss —epss 0.01
Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
- CVE-2004-0228Aug 18, 2004risk 0.03cvss —epss 0.01
Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges.
- CVE-2004-0554Aug 6, 2004risk 0.03cvss —epss 0.01
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
- CVE-2004-0424Jul 7, 2004risk 0.03cvss —epss 0.01
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
- CVE-2004-2135May 26, 2004risk 0.03cvss —epss 0.01
cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
- CVE-2004-0186Mar 15, 2004risk 0.03cvss —epss 0.02
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.
- CVE-2004-0077Mar 3, 2004risk 0.03cvss —epss 0.02
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root…
- CVE-2003-0985Jan 20, 2004risk 0.03cvss —epss 0.01
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual…
- CVE-2003-0961Dec 15, 2003risk 0.03cvss —epss 0.03
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.
- CVE-2003-0462Aug 27, 2003risk 0.03cvss —epss 0.01
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
- CVE-2003-0501Aug 7, 2003risk 0.03cvss —epss 0.01
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.
- CVE-2003-0127Mar 31, 2003risk 0.03cvss —epss 0.02
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
- CVE-2002-1380Dec 23, 2002risk 0.03cvss —epss 0.01
Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.
- CVE-2002-0499Aug 12, 2002risk 0.03cvss —epss 0.01
The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.
Page 594 of 794