Kernel
by Linux
Source repositories
CVEs (15,353)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-3805 | 0.00 | — | 0.00 | Nov 25, 2005 | A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service (deadlock) involving process CPU timers. | |||
| CVE-2005-3809 | 0.00 | — | 0.02 | Nov 25, 2005 | The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via an update message without private protocol information, which triggers a null dereference. | |||
| CVE-2005-3810 | 0.00 | — | 0.01 | Nov 25, 2005 | ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which leads to a null dereference. | |||
| CVE-2005-3784 | 0.00 | — | 0.00 | Nov 23, 2005 | The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges. | |||
| CVE-2005-3783 | 0.00 | — | 0.00 | Nov 23, 2005 | The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14.2, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, which allows local users to cause a denial of service (crash). | |||
| CVE-2005-3753 | 0.00 | — | 0.01 | Nov 22, 2005 | Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an… | |||
| CVE-2005-2709 | 0.00 | — | 0.01 | Nov 20, 2005 | The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and… | |||
| CVE-2005-3527 | 0.00 | — | 0.00 | Nov 9, 2005 | Race condition in do_coredump in signal.c in Linux kernel 2.6 allows local users to cause a denial of service by triggering a core dump in one thread while another thread has a pending SIGSTOP. | |||
| CVE-2005-2708 | 0.00 | — | 0.01 | Oct 25, 2005 | The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a… | |||
| CVE-2005-2100 | 0.00 | — | 0.00 | Oct 25, 2005 | The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash). | |||
| CVE-2005-3271 | 0.00 | — | 0.00 | Oct 21, 2005 | Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specified by the quota for a single… | |||
| CVE-2005-3276 | 0.00 | — | 0.00 | Oct 21, 2005 | The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information. | |||
| CVE-2005-3272 | 0.00 | — | 0.03 | Oct 21, 2005 | Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets. | |||
| CVE-2005-3275 | 0.00 | — | 0.03 | Oct 21, 2005 | The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the… | |||
| CVE-2005-3273 | 0.00 | — | 0.03 | Oct 21, 2005 | The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a… | |||
| CVE-2005-3180 | 0.00 | — | 0.04 | Oct 12, 2005 | The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information. | |||
| CVE-2005-3181 | 0.00 | — | 0.01 | Oct 12, 2005 | The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows… | |||
| CVE-2005-3119 | 0.00 | — | 0.00 | Oct 12, 2005 | Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys. | |||
| CVE-2005-3179 | 0.00 | — | 0.00 | Oct 12, 2005 | drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information. | |||
| CVE-2005-1764 | 0.00 | — | 0.00 | Oct 7, 2005 | Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service. |
- CVE-2005-3805Nov 25, 2005risk 0.00cvss —epss 0.00
A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service (deadlock) involving process CPU timers.
- CVE-2005-3809Nov 25, 2005risk 0.00cvss —epss 0.02
The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via an update message without private protocol information, which triggers a null dereference.
- CVE-2005-3810Nov 25, 2005risk 0.00cvss —epss 0.01
ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which leads to a null dereference.
- CVE-2005-3784Nov 23, 2005risk 0.00cvss —epss 0.00
The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges.
- CVE-2005-3783Nov 23, 2005risk 0.00cvss —epss 0.00
The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14.2, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, which allows local users to cause a denial of service (crash).
- CVE-2005-3753Nov 22, 2005risk 0.00cvss —epss 0.01
Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an…
- CVE-2005-2709Nov 20, 2005risk 0.00cvss —epss 0.01
The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and…
- CVE-2005-3527Nov 9, 2005risk 0.00cvss —epss 0.00
Race condition in do_coredump in signal.c in Linux kernel 2.6 allows local users to cause a denial of service by triggering a core dump in one thread while another thread has a pending SIGSTOP.
- CVE-2005-2708Oct 25, 2005risk 0.00cvss —epss 0.01
The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a…
- CVE-2005-2100Oct 25, 2005risk 0.00cvss —epss 0.00
The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash).
- CVE-2005-3271Oct 21, 2005risk 0.00cvss —epss 0.00
Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specified by the quota for a single…
- CVE-2005-3276Oct 21, 2005risk 0.00cvss —epss 0.00
The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.
- CVE-2005-3272Oct 21, 2005risk 0.00cvss —epss 0.03
Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.
- CVE-2005-3275Oct 21, 2005risk 0.00cvss —epss 0.03
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the…
- CVE-2005-3273Oct 21, 2005risk 0.00cvss —epss 0.03
The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a…
- CVE-2005-3180Oct 12, 2005risk 0.00cvss —epss 0.04
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.
- CVE-2005-3181Oct 12, 2005risk 0.00cvss —epss 0.01
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows…
- CVE-2005-3119Oct 12, 2005risk 0.00cvss —epss 0.00
Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.
- CVE-2005-3179Oct 12, 2005risk 0.00cvss —epss 0.00
drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.
- CVE-2005-1764Oct 7, 2005risk 0.00cvss —epss 0.00
Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service.
Page 758 of 768