Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:2.6.17.13
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-6054 |
The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum. Published: November 21, 2006; 8:07:00 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-6056 |
Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hooks are enabled, allows local users to cause a denial of service (crash) via a malformed file stream that triggers a NULL pointer dereference in the superblock_doinit function, as demonstrated using an HFS filesystem image. Published: November 21, 2006; 8:07:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-6057 |
The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on Fedora Core 6 and possibly other operating systems, allows local users to cause a denial of service (crash) via a malformed gfs2 file stream that triggers a NULL pointer dereference in the init_journal function. Published: November 21, 2006; 8:07:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-6058 |
The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be due to an integer overflow or signedness error. Published: November 21, 2006; 8:07:00 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-6060 |
The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a malformed NTFS file stream that triggers an infinite loop in the __find_get_block_slow function. Published: November 21, 2006; 8:07:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-5823 |
The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs. Published: November 09, 2006; 6:07:00 AM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-5757 |
Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures. Published: November 06, 2006; 3:07:00 PM -0500 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2006-5701 |
Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem. Published: November 03, 2006; 6:07:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-5619 |
The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels. Published: October 31, 2006; 2:07:00 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-5173 |
Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access. Published: October 17, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-4997 |
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference). Published: October 10, 2006; 12:06:00 AM -0400 |
V3.1: 7.5 HIGH V2.0: 7.1 HIGH |
CVE-2006-2935 |
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. Published: July 05, 2006; 2:05:00 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2006-2916 |
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. Published: June 15, 2006; 6:02:00 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.0 MEDIUM |
CVE-2005-0504 |
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value. Published: March 14, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |