VYPR

Kernel

by Linux

Source repositories

CVEs (15,353)

  • CVE-2006-5619Oct 31, 2006
    risk 0.00cvss epss 0.00

    The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels.

  • CVE-2006-5173Oct 17, 2006
    risk 0.00cvss epss 0.00

    Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS…

  • CVE-2006-4813Oct 12, 2006
    risk 0.00cvss epss 0.00

    The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked.

  • CVE-2006-5174Oct 10, 2006
    risk 0.00cvss epss 0.00

    The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which…

  • CVE-2006-3741Oct 10, 2006
    risk 0.00cvss epss 0.00

    The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file descriptor consumption).

  • CVE-2006-4535Sep 19, 2006
    risk 0.00cvss epss 0.00

    The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are…

  • CVE-2006-4623Sep 11, 2006
    risk 0.00cvss epss 0.04

    The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet.

  • CVE-2006-4538Sep 5, 2006
    risk 0.00cvss epss 0.00

    Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries.

  • CVE-2006-2932Aug 23, 2006
    risk 0.00cvss epss 0.00

    A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors.

  • CVE-2006-3745Aug 23, 2006
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors.

  • CVE-2006-4093Aug 21, 2006
    risk 0.00cvss epss 0.00

    Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time."

  • CVE-2006-4145Aug 21, 2006
    risk 0.00cvss epss 0.00

    The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command.

  • CVE-2006-2446Aug 15, 2006
    risk 0.00cvss epss 0.03

    Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests from the LTP test suite.

  • CVE-2006-3634Aug 4, 2006
    risk 0.00cvss epss 0.00

    The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4 to 2.6.18-rc2 perform the atomic futex operation in the kernel address space instead of the user address space, which allows local users to cause a denial of service (crash).

  • CVE-2006-3626Jul 18, 2006
    risk 0.00cvss epss 0.02

    Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root.

  • CVE-2006-2936Jul 10, 2006
    risk 0.00cvss epss 0.03

    The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be…

  • CVE-2006-2935Jul 5, 2006
    risk 0.00cvss epss 0.01

    The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer…

  • CVE-2006-2934Jun 30, 2006
    risk 0.00cvss epss 0.05

    SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is…

  • CVE-2006-0456Jun 27, 2006
    risk 0.00cvss epss 0.00

    The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors.

  • CVE-2006-3085Jun 23, 2006
    risk 0.00cvss epss 0.03

    xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length.

Page 754 of 768