VYPR

Kernel

by Linux

Source repositories

CVEs (15,353)

  • CVE-2004-1017Dec 31, 2004
    risk 0.00cvss epss 0.03

    Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors.

  • CVE-2004-2536Dec 31, 2004
    risk 0.00cvss epss 0.02

    The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does not drop those permissions when it exits, which allows other processes to access…

  • CVE-2004-2302Dec 31, 2004
    risk 0.00cvss epss 0.00

    Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files.

  • CVE-2004-2660Dec 31, 2004
    risk 0.00cvss epss 0.00

    Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service (memory consumption) via certain O_DIRECT (direct IO) write requests.

  • CVE-2004-0997Dec 31, 2004
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors.

  • CVE-2004-1144Dec 31, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges.

  • CVE-2004-2607Dec 31, 2004
    risk 0.00cvss epss 0.00

    A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.

  • CVE-2004-2731Dec 31, 2004
    risk 0.00cvss epss 0.01

    Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function…

  • CVE-2004-0814Dec 23, 2004
    risk 0.00cvss epss 0.01

    Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of…

  • CVE-2004-0685Dec 23, 2004
    risk 0.00cvss epss 0.00

    Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.

  • CVE-2004-1334Dec 15, 2004
    risk 0.00cvss epss 0.01

    Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.

  • CVE-2004-0496Dec 6, 2004
    risk 0.00cvss epss 0.00

    Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

  • CVE-2004-0626Dec 6, 2004
    risk 0.00cvss epss 0.03

    The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a…

  • CVE-2004-0565Dec 6, 2004
    risk 0.00cvss epss 0.00

    Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

  • CVE-2004-0229Aug 18, 2004
    risk 0.00cvss epss 0.00

    The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact.

  • CVE-2004-0394Aug 18, 2004
    risk 0.00cvss epss 0.00

    A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic.

  • CVE-2004-0596Aug 6, 2004
    risk 0.00cvss epss 0.00

    The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference.

  • CVE-2004-0658Aug 6, 2004
    risk 0.00cvss epss 0.00

    Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2)…

  • CVE-2004-0447Aug 6, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS.

  • CVE-2004-0495Aug 6, 2004
    risk 0.00cvss epss 0.00

    Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.

Page 763 of 768