Linux

All CVEs

15,928 total · sorted by risk
  • CVE-2006-1860 · May 12, 2006
    risk 0.00 · cvss · epss 0.00

    lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack.

  • CVE-2006-2274 · May 9, 2006
    risk 0.00 · cvss · epss 0.04

    Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to…

  • CVE-2006-2272 · May 9, 2006
    risk 0.00 · cvss · epss 0.04

    Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via incoming IP fragmented (1) COOKIE_ECHO and (2) HEARTBEAT SCTP control chunks.

  • CVE-2006-2271 · May 9, 2006
    risk 0.00 · cvss · epss 0.04

    The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via an unexpected chunk when the session is in CLOSED state.

  • CVE-2006-1052 · May 5, 2006
    risk 0.00 · cvss · epss 0.00

    The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.

  • CVE-2006-1527 · May 3, 2006
    risk 0.00 · cvss · epss 0.04

    The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function.

  • CVE-2006-2071 · Apr 27, 2006
    risk 0.00 · cvss · epss 0.00

    Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but…

  • CVE-2006-1863 · Apr 25, 2006
    risk 0.00 · cvss · epss 0.01

    Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864.

  • CVE-2006-1056 · Apr 20, 2006
    risk 0.00 · cvss · epss 0.00

    The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine…

  • CVE-2006-1525 · Apr 19, 2006
    risk 0.00 · cvss · epss 0.00

    ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference.

  • CVE-2006-1524 · Apr 19, 2006
    risk 0.00 · cvss · epss 0.00

    madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally…

  • CVE-2006-0744 · Apr 18, 2006
    risk 0.00 · cvss · epss 0.00

    Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS.

  • CVE-2006-0558 · Apr 14, 2006
    risk 0.00 · cvss · epss 0.00

    perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function.

  • CVE-2006-1523 · Apr 12, 2006
    risk 0.00 · cvss · epss 0.03

    The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON.

  • CVE-2006-1522 · Apr 10, 2006
    risk 0.00 · cvss · epss 0.00

    The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid…

  • CVE-2006-1055 · Apr 5, 2006
    risk 0.00 · cvss · epss 0.01

    The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds…

  • CVE-2006-1624 · Apr 5, 2006
    risk 0.00 · cvss · epss 0.03

    The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses.

  • CVE-2006-1066 · Mar 27, 2006
    risk 0.00 · cvss · epss 0.00

    Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug…

  • CVE-2006-1368 · Mar 23, 2006
    risk 0.00 · cvss · epss 0.06

    Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply…

  • CVE-2006-0038 · Mar 22, 2006
    risk 0.00 · cvss · epss 0.00

    Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.

  • CVE-2006-1343 · Mar 21, 2006
    risk 0.00 · cvss · epss 0.00

    net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local…

  • CVE-2006-1242 · Mar 15, 2006
    risk 0.00 · cvss · epss 0.03

    The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections…

  • CVE-2006-0457 · Mar 14, 2006
    risk 0.00 · cvss · epss 0.03

    Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the…

  • CVE-2006-0557 · Mar 12, 2006
    risk 0.00 · cvss · epss 0.00

    sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors.

  • CVE-2006-0742 · Mar 9, 2006
    risk 0.00 · cvss · epss 0.00

    The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 2.6.15.6, possibly when compiled with certain versions of gcc, has the "noreturn" attribute set, which allows local users to cause a denial of service by causing user faults on Itanium…

  • CVE-2006-0741 · Mar 7, 2006
    risk 0.00 · cvss · epss 0.00

    Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address."

  • CVE-2006-0554 · Mar 7, 2006
    risk 0.00 · cvss · epss 0.00

    Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data.

  • CVE-2006-0555 · Mar 7, 2006
    risk 0.00 · cvss · epss 0.00

    The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O).

  • CVE-2006-0454 · Feb 7, 2006
    risk 0.00 · cvss · epss 0.04

    Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and…

  • CVE-2006-0482 · Jan 31, 2006
    risk 0.00 · cvss · epss 0.00

    Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call.

  • CVE-2006-0036 · Jan 23, 2006
    risk 0.00 · cvss · epss 0.03

    ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows remote attackers to cause a denial of service (memory corruption or crash) via an inbound PPTP_IN_CALL_REQUEST packet that causes a null pointer to be used in…

  • CVE-2006-0037 · Jan 23, 2006
    risk 0.00 · cvss · epss 0.00

    ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows local users to cause a denial of service (memory corruption or crash) via a crafted outbound packet that causes an incorrect offset to be calculated from…

  • CVE-2006-0035 · Jan 11, 2006
    risk 0.00 · cvss · epss 0.00

    The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to cause a denial of service (infinite loop) via a nlmsg_len field of 0.

  • CVE-2006-0095 · Jan 6, 2006
    risk 0.00 · cvss · epss 0.00

    dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.

  • CVE-2006-0096 · Jan 6, 2006
    risk 0.00 · cvss · epss 0.00

    wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to…

  • CVE-2005-3623 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.04

    nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.

  • CVE-2005-0136 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.00

    The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761.

  • CVE-2005-4635 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.03

    The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages.

  • CVE-2005-3356 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.00

    The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic)…

  • CVE-2005-4811 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.00

    The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function.

  • CVE-2005-0489 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.00

    The /proc handling (proc/base.c) in Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory.

  • CVE-2005-4352 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.00

    The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the…

  • CVE-2005-4639 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in the CA-driver (dst_ca.c) for TwinHan DST Frontend/Card in Linux kernel 2.6.12 and other versions before 2.6.15 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by "reading more than 8 bytes into an 8 byte long array".

  • CVE-2005-4351 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.00

    The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.

  • CVE-2005-3359 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.01

    The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules.

  • CVE-2005-4798 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.03

    Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client.

  • CVE-2005-4618 · Dec 31, 2005
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland…

  • CVE-2005-3660 · Dec 22, 2005
    risk 0.00 · cvss · epss 0.00

    Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by…

  • CVE-2005-3358 · Dec 14, 2005
    risk 0.00 · cvss · epss 0.01

    Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.

  • CVE-2005-3858 · Nov 27, 2005
    risk 0.00 · cvss · epss 0.03

    Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might allow attackers to cause a denial of service via malformed IPv6 packets with unspecified parameter problems, which prevents the SKB from being freed.
