Kernel
by Linux
Source repositories
CVEs (15,353)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-0035 | 0.00 | — | 0.00 | Jan 11, 2006 | The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to cause a denial of service (infinite loop) via a nlmsg_len field of 0. | |||
| CVE-2006-0096 | 0.00 | — | 0.00 | Jan 6, 2006 | wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to… | |||
| CVE-2006-0095 | 0.00 | — | 0.00 | Jan 6, 2006 | dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key. | |||
| CVE-2005-0489 | 0.00 | — | 0.00 | Dec 31, 2005 | The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory. | |||
| CVE-2005-0136 | 0.00 | — | 0.00 | Dec 31, 2005 | The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | |||
| CVE-2005-4639 | 0.00 | — | 0.00 | Dec 31, 2005 | Buffer overflow in the CA-driver (dst_ca.c) for TwinHan DST Frontend/Card in Linux kernel 2.6.12 and other versions before 2.6.15 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by "reading more than 8 bytes into an 8 byte long array". | |||
| CVE-2005-4351 | 0.00 | — | 0.00 | Dec 31, 2005 | The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. | |||
| CVE-2005-3356 | 0.00 | — | 0.00 | Dec 31, 2005 | The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic)… | |||
| CVE-2005-3359 | 0.00 | — | 0.01 | Dec 31, 2005 | The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules. | |||
| CVE-2005-4618 | 0.00 | — | 0.00 | Dec 31, 2005 | Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland… | |||
| CVE-2005-4811 | 0.00 | — | 0.00 | Dec 31, 2005 | The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function. | |||
| CVE-2005-4635 | 0.00 | — | 0.03 | Dec 31, 2005 | The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages. | |||
| CVE-2005-4798 | 0.00 | — | 0.03 | Dec 31, 2005 | Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client. | |||
| CVE-2005-4352 | 0.00 | — | 0.00 | Dec 31, 2005 | The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the… | |||
| CVE-2005-3623 | 0.00 | — | 0.04 | Dec 31, 2005 | nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems. | |||
| CVE-2005-3660 | 0.00 | — | 0.00 | Dec 22, 2005 | Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by… | |||
| CVE-2005-3358 | 0.00 | — | 0.01 | Dec 14, 2005 | Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs. | |||
| CVE-2005-3858 | 0.00 | — | 0.03 | Nov 27, 2005 | Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might allow attackers to cause a denial of service via malformed IPv6 packets with unspecified parameter problems, which prevents the SKB from being freed. | |||
| CVE-2005-3848 | 0.00 | — | 0.05 | Nov 27, 2005 | Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply." | |||
| CVE-2005-3806 | 0.00 | — | 0.00 | Nov 25, 2005 | The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of… |
- CVE-2006-0035Jan 11, 2006risk 0.00cvss —epss 0.00
The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to cause a denial of service (infinite loop) via a nlmsg_len field of 0.
- CVE-2006-0096Jan 6, 2006risk 0.00cvss —epss 0.00
wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to…
- CVE-2006-0095Jan 6, 2006risk 0.00cvss —epss 0.00
dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.
- CVE-2005-0489Dec 31, 2005risk 0.00cvss —epss 0.00
The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory.
- CVE-2005-0136Dec 31, 2005risk 0.00cvss —epss 0.00
The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761.
- CVE-2005-4639Dec 31, 2005risk 0.00cvss —epss 0.00
Buffer overflow in the CA-driver (dst_ca.c) for TwinHan DST Frontend/Card in Linux kernel 2.6.12 and other versions before 2.6.15 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by "reading more than 8 bytes into an 8 byte long array".
- CVE-2005-4351Dec 31, 2005risk 0.00cvss —epss 0.00
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.
- CVE-2005-3356Dec 31, 2005risk 0.00cvss —epss 0.00
The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic)…
- CVE-2005-3359Dec 31, 2005risk 0.00cvss —epss 0.01
The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules.
- CVE-2005-4618Dec 31, 2005risk 0.00cvss —epss 0.00
Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland…
- CVE-2005-4811Dec 31, 2005risk 0.00cvss —epss 0.00
The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function.
- CVE-2005-4635Dec 31, 2005risk 0.00cvss —epss 0.03
The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages.
- CVE-2005-4798Dec 31, 2005risk 0.00cvss —epss 0.03
Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client.
- CVE-2005-4352Dec 31, 2005risk 0.00cvss —epss 0.00
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the…
- CVE-2005-3623Dec 31, 2005risk 0.00cvss —epss 0.04
nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.
- CVE-2005-3660Dec 22, 2005risk 0.00cvss —epss 0.00
Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by…
- CVE-2005-3358Dec 14, 2005risk 0.00cvss —epss 0.01
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
- CVE-2005-3858Nov 27, 2005risk 0.00cvss —epss 0.03
Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might allow attackers to cause a denial of service via malformed IPv6 packets with unspecified parameter problems, which prevents the SKB from being freed.
- CVE-2005-3848Nov 27, 2005risk 0.00cvss —epss 0.05
Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply."
- CVE-2005-3806Nov 25, 2005risk 0.00cvss —epss 0.00
The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of…
Page 757 of 768