Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:2.6.19
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-0772 |
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer. Published: February 20, 2007; 12:28:00 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2007-0958 |
Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump, a variant of CVE-2004-1073. Published: February 15, 2007; 1:28:00 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2007-0006 |
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion." Published: February 06, 2007; 2:28:00 PM -0500 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2006-6106 |
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field. Published: December 19, 2006; 2:28:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2006-6304 |
The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to O_EXCL but does not use it, which allows context-dependent attackers to modify arbitrary files via a rewrite attack during a core dump. Published: December 14, 2006; 3:28:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2006-6333 |
The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the wrong flag to the ip_summed field, which allows remote attackers to cause a denial of service (memory corruption) via crafted packets that cause the kernel to interpret another field as an offset. Published: December 06, 2006; 5:28:00 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2006-6058 |
The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be due to an integer overflow or signedness error. Published: November 21, 2006; 8:07:00 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-5823 |
The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs. Published: November 09, 2006; 6:07:00 AM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-5757 |
Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures. Published: November 06, 2006; 3:07:00 PM -0500 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2006-5701 |
Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem. Published: November 03, 2006; 6:07:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-5173 |
Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access. Published: October 17, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-5174 |
The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer. Published: October 10, 2006; 12:06:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-2935 |
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. Published: July 05, 2006; 2:05:00 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2006-2916 |
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. Published: June 15, 2006; 6:02:00 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.0 MEDIUM |
CVE-2005-0504 |
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value. Published: March 14, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |