Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:2.6.17.1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-5619 |
The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels. Published: October 31, 2006; 2:07:00 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-5173 |
Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access. Published: October 17, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-4997 |
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference). Published: October 10, 2006; 12:06:00 AM -0400 |
V3.1: 7.5 HIGH V2.0: 7.1 HIGH |
CVE-2006-5174 |
The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer. Published: October 10, 2006; 12:06:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-3741 |
The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file descriptor consumption). Published: October 10, 2006; 12:05:00 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-3745 |
Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors. Published: August 23, 2006; 3:04:00 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2006-4093 |
Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time." Published: August 21, 2006; 5:04:00 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-3468 |
Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only. Published: July 21, 2006; 10:03:00 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2006-3626 |
Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root. Published: July 18, 2006; 11:46:00 AM -0400 |
V3.x:(not available) V2.0: 6.2 MEDIUM |
CVE-2006-2451 |
The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions. Published: July 07, 2006; 2:05:00 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2006-2935 |
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. Published: July 05, 2006; 2:05:00 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2006-2934 |
SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer. Published: June 30, 2006; 5:05:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2006-2916 |
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. Published: June 15, 2006; 6:02:00 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.0 MEDIUM |
CVE-2005-0504 |
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value. Published: March 14, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |