Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.22.18
There are 1,710 matching records.
Displaying matches 1,701 through 1,710.
Vuln ID Summary CVSS Severity
CVE-2008-2136

Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.

Published: May 16, 2008; 8:54:00 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2008-2148

The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.

Published: May 12, 2008; 5:20:00 PM -0400
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2008-1375

Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.

Published: May 02, 2008; 12:05:00 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2008-1675

The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.

Published: May 02, 2008; 12:05:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2008-1514

arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions before 2.6.27-rc6, on s390 platforms allows local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference.

Published: March 25, 2008; 8:44:00 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2007-6206

The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.

Published: December 03, 2007; 7:46:00 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2007-5500

The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.

Published: November 19, 2007; 9:46:00 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2007-5501

The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference.

Published: November 15, 2007; 3:46:00 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2007-5904

Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.

Published: November 09, 2007; 1:46:00 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2006-2935

The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.

Published: July 05, 2006; 2:05:00 PM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM