VYPR

Kernel

by Linux

Source repositories

CVEs (15,353)

  • CVE-2004-0535Aug 6, 2004
    risk 0.00cvss epss 0.00

    The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

  • CVE-2004-0427Jul 7, 2004
    risk 0.00cvss epss 0.00

    The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of…

  • CVE-2004-0178Jun 1, 2004
    risk 0.00cvss epss 0.00

    The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes.

  • CVE-2004-0133Jun 1, 2004
    risk 0.00cvss epss 0.00

    The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device.

  • CVE-2004-0181Jun 1, 2004
    risk 0.00cvss epss 0.00

    The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.

  • CVE-2004-0109Jun 1, 2004
    risk 0.00cvss epss 0.01

    Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.

  • CVE-2004-0177Jun 1, 2004
    risk 0.00cvss epss 0.03

    The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by…

  • CVE-2003-1040Apr 15, 2004
    risk 0.00cvss epss 0.00

    kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod.

  • CVE-2004-0075Mar 15, 2004
    risk 0.00cvss epss 0.00

    The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service.

  • CVE-2004-0010Mar 3, 2004
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.

  • CVE-2002-1574Mar 3, 2004
    risk 0.00cvss epss 0.00

    Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors.

  • CVE-2004-0003Mar 3, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."

  • CVE-2004-2136Feb 19, 2004
    risk 0.00cvss epss 0.01

    dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.

  • CVE-2004-0058Feb 17, 2004
    risk 0.00cvss epss 0.00

    Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local users to overwrite arbitrary files via a symlink attack on the .pid_antivir_$$ temporary file.

  • CVE-2004-0001Feb 17, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges.

  • CVE-2003-0984Jan 5, 2004
    risk 0.00cvss epss 0.00

    Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.

  • CVE-2003-0956Dec 31, 2003
    risk 0.00cvss epss 0.00

    Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to be returned when a file is truncated as it is being read, which might allow…

  • CVE-2003-0986Dec 31, 2003
    risk 0.00cvss epss 0.00

    Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.

  • CVE-2003-1161Dec 31, 2003
    risk 0.00cvss epss 0.00

    exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function.

  • CVE-2003-0959Dec 31, 2003
    risk 0.00cvss epss 0.02

    Multiple integer overflows in the 32bit emulation for AMD64 architectures in Linux 2.4 kernel before 2.4.21 allows attackers to cause a denial of service or gain root privileges via unspecified vectors that trigger copy_from_user function calls with improper length arguments.

Page 764 of 768