Kernel
by Linux
Source repositories
CVEs (15,353)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-1399 | 0.00 | — | 0.00 | Apr 17, 2001 | Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86." | |||
| CVE-2001-1398 | 0.00 | — | 0.03 | Apr 17, 2001 | Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability. | |||
| CVE-2001-1396 | 0.00 | — | 0.00 | Apr 17, 2001 | Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact. | |||
| CVE-2001-1273 | 0.00 | — | 0.00 | Feb 12, 2001 | The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, when running on certain Intel CPUs, allows local users to cause a denial of service (system halt). | |||
| CVE-2000-0867 | 0.00 | — | 0.00 | Nov 14, 2000 | Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | |||
| CVE-1999-0590 | 0.00 | — | 0.06 | Jun 1, 2000 | A system does not present an appropriate legal message or warning to a user who is accessing it. | |||
| CVE-2000-0344 | 0.00 | — | 0.02 | May 1, 2000 | The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value. | |||
| CVE-2000-0289 | 0.00 | — | 0.03 | Mar 27, 2000 | IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection. | |||
| CVE-1999-1339 | 0.00 | — | 0.03 | Dec 31, 1999 | Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command. | |||
| CVE-2000-0006 | 0.00 | — | 0.00 | Dec 25, 1999 | strace allows local users to read arbitrary files via memory mapped file names. | |||
| CVE-1999-0317 | 0.00 | — | 0.00 | Nov 25, 1999 | Buffer overflow in Linux su command gives root access to local users. | |||
| CVE-1999-1341 | 0.00 | — | 0.00 | Oct 22, 1999 | Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices. | |||
| CVE-1999-1352 | 0.00 | — | 0.00 | Sep 28, 1999 | mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges. | |||
| CVE-1999-0461 | 0.00 | — | 0.03 | Jan 28, 1999 | Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. | |||
| CVE-1999-0401 | 0.00 | — | 0.00 | Jan 1, 1999 | A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. | |||
| CVE-1999-0656 | 0.00 | — | 0.02 | Jan 1, 1999 | The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. | |||
| CVE-1999-1285 | 0.00 | — | 0.00 | Dec 27, 1998 | Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed. | |||
| CVE-1999-1276 | 0.00 | — | 0.00 | Dec 7, 1998 | fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device. | |||
| CVE-1999-0780 | 0.00 | — | 0.00 | Nov 18, 1998 | KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. | |||
| CVE-1999-0781 | 0.00 | — | 0.00 | Nov 18, 1998 | KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. |
- CVE-2001-1399Apr 17, 2001risk 0.00cvss —epss 0.00
Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86."
- CVE-2001-1398Apr 17, 2001risk 0.00cvss —epss 0.03
Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability.
- CVE-2001-1396Apr 17, 2001risk 0.00cvss —epss 0.00
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact.
- CVE-2001-1273Feb 12, 2001risk 0.00cvss —epss 0.00
The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, when running on certain Intel CPUs, allows local users to cause a denial of service (system halt).
- CVE-2000-0867Nov 14, 2000risk 0.00cvss —epss 0.00
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
- CVE-1999-0590Jun 1, 2000risk 0.00cvss —epss 0.06
A system does not present an appropriate legal message or warning to a user who is accessing it.
- CVE-2000-0344May 1, 2000risk 0.00cvss —epss 0.02
The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value.
- CVE-2000-0289Mar 27, 2000risk 0.00cvss —epss 0.03
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
- CVE-1999-1339Dec 31, 1999risk 0.00cvss —epss 0.03
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.
- CVE-2000-0006Dec 25, 1999risk 0.00cvss —epss 0.00
strace allows local users to read arbitrary files via memory mapped file names.
- CVE-1999-0317Nov 25, 1999risk 0.00cvss —epss 0.00
Buffer overflow in Linux su command gives root access to local users.
- CVE-1999-1341Oct 22, 1999risk 0.00cvss —epss 0.00
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices.
- CVE-1999-1352Sep 28, 1999risk 0.00cvss —epss 0.00
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges.
- CVE-1999-0461Jan 28, 1999risk 0.00cvss —epss 0.03
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.
- CVE-1999-0401Jan 1, 1999risk 0.00cvss —epss 0.00
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
- CVE-1999-0656Jan 1, 1999risk 0.00cvss —epss 0.02
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.
- CVE-1999-1285Dec 27, 1998risk 0.00cvss —epss 0.00
Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.
- CVE-1999-1276Dec 7, 1998risk 0.00cvss —epss 0.00
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.
- CVE-1999-0780Nov 18, 1998risk 0.00cvss —epss 0.00
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
- CVE-1999-0781Nov 18, 1998risk 0.00cvss —epss 0.00
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
Page 767 of 768