VYPR

Vendor CVEs

Linux

All CVEs

15,612 total · sorted by risk
  • CVE-2005-3273Oct 21, 2005
    risk 0.00cvss epss 0.03

    The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a…

  • CVE-2005-3181Oct 12, 2005
    risk 0.00cvss epss 0.01

    The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows…

  • CVE-2005-3180Oct 12, 2005
    risk 0.00cvss epss 0.04

    The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.

  • CVE-2005-3179Oct 12, 2005
    risk 0.00cvss epss 0.00

    drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.

  • CVE-2005-3119Oct 12, 2005
    risk 0.00cvss epss 0.00

    Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.

  • CVE-2005-1764Oct 7, 2005
    risk 0.00cvss epss 0.00

    Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service.

  • CVE-2005-3110Sep 30, 2005
    risk 0.00cvss epss 0.03

    Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service (crash) via a series of packets that cause a value to be modified after it has…

  • CVE-2005-3108Sep 30, 2005
    risk 0.00cvss epss 0.00

    mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist.

  • CVE-2005-3105Sep 30, 2005
    risk 0.00cvss epss 0.00

    The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito processors does not properly maintain cache coherency as required by the architecture, which allows local users to cause a denial of service and possibly corrupt data by modifying PTE protections.

  • CVE-2005-3109Sep 30, 2005
    risk 0.00cvss epss 0.00

    The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus.

  • CVE-2005-3107Sep 30, 2005
    risk 0.00cvss epss 0.00

    fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state.

  • CVE-2005-3053Sep 26, 2005
    risk 0.00cvss epss 0.00

    The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument.

  • CVE-2005-3055Sep 26, 2005
    risk 0.00cvss epss 0.00

    Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference.

  • CVE-2005-3044Sep 22, 2005
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on 64-bit systems.

  • CVE-2005-1913Sep 14, 2005
    risk 0.00cvss epss 0.00

    The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist.

  • CVE-2005-2492Sep 14, 2005
    risk 0.00cvss epss 0.00

    The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.

  • CVE-2005-2490Sep 14, 2005
    risk 0.00cvss epss 0.01

    Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.

  • CVE-2005-2872Sep 9, 2005
    risk 0.00cvss epss 0.04

    The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads to memset calls using a length…

  • CVE-2005-2873Sep 9, 2005
    risk 0.00cvss epss 0.00

    The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent netfilter rules to block too early, a different vulnerability than…

  • CVE-2005-2098Aug 23, 2005
    risk 0.00cvss epss 0.03

    The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session…

  • CVE-2005-2457Aug 23, 2005
    risk 0.00cvss epss 0.04

    The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system.

  • CVE-2005-2458Aug 23, 2005
    risk 0.00cvss epss 0.04

    inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".

  • CVE-2005-2459Aug 23, 2005
    risk 0.00cvss epss 0.05

    The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different…

  • CVE-2005-2099Aug 23, 2005
    risk 0.00cvss epss 0.03

    The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail,…

  • CVE-2005-2617Aug 17, 2005
    risk 0.00cvss epss 0.00

    The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers.

  • CVE-2005-2555Aug 16, 2005
    risk 0.00cvss epss 0.00

    Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.

  • CVE-2005-2548Aug 12, 2005
    risk 0.00cvss epss 0.03

    vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd.

  • CVE-2005-2553Aug 12, 2005
    risk 0.00cvss epss 0.01

    The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a…

  • CVE-2005-2500Aug 8, 2005
    risk 0.00cvss epss 0.05

    Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux kernel 2.6.12, as used in SuSE Linux Enterprise Server 9, might allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted XDR data for the nfsacl protocol.

  • CVE-2005-1761Aug 5, 2005
    risk 0.00cvss epss 0.00

    Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.

  • CVE-2005-1767Aug 5, 2005
    risk 0.00cvss epss 0.00

    traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).

  • CVE-2005-1762Aug 2, 2005
    risk 0.00cvss epss 0.00

    The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address.

  • CVE-2005-1768Jul 11, 2005
    risk 0.00cvss epss 0.00

    Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer…

  • CVE-2005-1265Jun 16, 2005
    risk 0.00cvss epss 0.00

    The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).

  • CVE-2005-1763Jun 9, 2005
    risk 0.00cvss epss 0.00

    Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.

  • CVE-2005-0756Jun 8, 2005
    risk 0.00cvss epss 0.00

    ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash).

  • CVE-2005-1765May 31, 2005
    risk 0.00cvss epss 0.00

    syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments.

  • CVE-2005-1264May 17, 2005
    risk 0.00cvss epss 0.01

    Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589.

  • CVE-2005-1368May 2, 2005
    risk 0.00cvss epss 0.00

    The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP.

  • CVE-2005-0204May 2, 2005
    risk 0.00cvss epss 0.00

    Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T architectures, allows local users to write to privileged IO ports via the OUTS instruction.

  • CVE-2005-0867May 2, 2005
    risk 0.00cvss epss 0.00

    Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file.

  • CVE-2005-0529May 2, 2005
    risk 0.00cvss epss 0.01

    Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context.

  • CVE-2005-0532May 2, 2005
    risk 0.00cvss epss 0.01

    The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies between size_t and int data…

  • CVE-2005-0207May 2, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

  • CVE-2005-0531May 2, 2005
    risk 0.00cvss epss 0.01

    The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.

  • CVE-2005-0839May 2, 2005
    risk 0.00cvss epss 0.00

    Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions.

  • CVE-2005-0135May 2, 2005
    risk 0.00cvss epss 0.00

    The unw_unwind_to_user function in unwind.c on Itanium (ia64) architectures in Linux kernel 2.6 allows local users to cause a denial of service (system crash).

  • CVE-2005-0400May 2, 2005
    risk 0.00cvss epss 0.00

    The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.

  • CVE-2005-0530May 2, 2005
    risk 0.00cvss epss 0.00

    Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.

  • CVE-2005-0449May 2, 2005
    risk 0.00cvss epss 0.05

    The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.

Page 309 of 313