National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.4.29
There are 2,500 matching records.
Displaying matches 2441 through 2460.
Vuln ID Summary CVSS Severity
CVE-2006-5158

The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.

Published: October 05, 2006; 12:04:00 AM -04:00
    V2: 3.3 LOW
CVE-2006-2932

A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors.

Published: August 23, 2006; 03:04:00 PM -04:00
    V2: 4.9 MEDIUM
CVE-2006-3745

Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors.

Published: August 23, 2006; 03:04:00 PM -04:00
    V2: 7.2 HIGH
CVE-2006-4093

Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time."

Published: August 21, 2006; 05:04:00 PM -04:00
    V2: 4.9 MEDIUM
CVE-2006-4145

The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command.

Published: August 21, 2006; 03:04:00 PM -04:00
    V2: 4.9 MEDIUM
CVE-2006-2935

The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.

Published: July 05, 2006; 02:05:00 PM -04:00
    V2: 4.6 MEDIUM
CVE-2006-2071

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs.

Published: April 27, 2006; 01:06:00 PM -04:00
    V2: 2.1 LOW
CVE-2006-1863

Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864.

Published: April 25, 2006; 06:02:00 PM -04:00
    V2: 2.1 LOW
CVE-2006-1056

The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.

Published: April 20, 2006; 06:02:00 AM -04:00
    V2: 2.1 LOW
CVE-2006-1368

Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure.

Published: March 23, 2006; 06:06:00 PM -05:00
    V2: 10.0 HIGH
CVE-2006-1242

The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks.

Published: March 15, 2006; 12:06:00 PM -05:00
    V2: 5.0 MEDIUM
CVE-2006-0557

sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors.

Published: March 12, 2006; 04:02:00 PM -05:00
    V2: 4.9 MEDIUM
CVE-2005-4351

The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.

Published: December 31, 2005; 12:00:00 AM -05:00
    V2: 4.3 MEDIUM
CVE-2005-4635

The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages.

Published: December 31, 2005; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2005-4798

Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client.

Published: December 31, 2005; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2005-3660

Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process to become a zombie, or closing the file descriptor without closing an associated reference.

Published: December 22, 2005; 06:03:00 PM -05:00
    V2: 4.9 MEDIUM
CVE-2005-3358

Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.

Published: December 14, 2005; 02:03:00 PM -05:00
    V2: 4.9 MEDIUM
CVE-2005-3857

The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function.

Published: November 27, 2005; 04:03:00 PM -05:00
    V2: 4.9 MEDIUM
CVE-2005-3806

The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.

Published: November 25, 2005; 04:03:00 PM -05:00
    V2: 6.6 MEDIUM
CVE-2005-2709

The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.

Published: November 20, 2005; 05:03:00 PM -05:00
    V2: 4.6 MEDIUM