National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.18:rc5
There are 2,352 matching records.
Displaying matches 2321 through 2340.
Vuln ID Summary CVSS Severity
CVE-2007-0006

The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion."

Published: February 06, 2007; 02:28:00 PM -05:00
    V2: 1.9 LOW
CVE-2006-6106

Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.

Published: December 19, 2006; 02:28:00 PM -05:00
    V2: 7.5 HIGH
CVE-2006-5751

Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request.

Published: December 01, 2006; 09:28:00 PM -05:00
    V2: 7.2 HIGH
CVE-2006-6128

The ReiserFS functionality in Linux kernel 2.6.18, and possibly other versions, allows local users to cause a denial of service via a malformed ReiserFS file system that triggers memory corruption when a sync is performed.

Published: November 26, 2006; 07:07:00 PM -05:00
    V2: 2.1 LOW
CVE-2006-6053

The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures.

Published: November 21, 2006; 08:07:00 PM -05:00
    V2: 4.9 MEDIUM
CVE-2006-6054

The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum.

Published: November 21, 2006; 08:07:00 PM -05:00
    V2: 4.0 MEDIUM
CVE-2006-6056

Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hooks are enabled, allows local users to cause a denial of service (crash) via a malformed file stream that triggers a NULL pointer dereference in the superblock_doinit function, as demonstrated using an HFS filesystem image.

Published: November 21, 2006; 08:07:00 PM -05:00
    V2: 4.9 MEDIUM
CVE-2006-6057

The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on Fedora Core 6 and possibly other operating systems, allows local users to cause a denial of service (crash) via a malformed gfs2 file stream that triggers a NULL pointer dereference in the init_journal function.

Published: November 21, 2006; 08:07:00 PM -05:00
    V2: 4.9 MEDIUM
CVE-2006-6058

The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be due to an integer overflow or signedness error.

Published: November 21, 2006; 08:07:00 PM -05:00
    V2: 4.0 MEDIUM
CVE-2006-6060

The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a malformed NTFS file stream that triggers an infinite loop in the __find_get_block_slow function.

Published: November 21, 2006; 08:07:00 PM -05:00
    V2: 4.9 MEDIUM
CVE-2006-5823

The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.

Published: November 09, 2006; 06:07:00 AM -05:00
    V2: 4.0 MEDIUM
CVE-2006-5757

Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures.

Published: November 06, 2006; 03:07:00 PM -05:00
    V2: 1.2 LOW
CVE-2006-5701

Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem.

Published: November 03, 2006; 06:07:00 PM -05:00
    V2: 4.9 MEDIUM
CVE-2006-5619

The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels.

Published: October 31, 2006; 02:07:00 PM -05:00
    V2: 2.1 LOW
CVE-2006-5173

Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access.

Published: October 17, 2006; 06:07:00 PM -04:00
    V2: 2.1 LOW
CVE-2006-4997

The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).

Published: October 10, 2006; 12:06:00 AM -04:00
    V2: 7.1 HIGH
CVE-2006-5174

The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer.

Published: October 10, 2006; 12:06:00 AM -04:00
    V2: 2.1 LOW
CVE-2006-3741

The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file descriptor consumption).

Published: October 10, 2006; 12:05:00 AM -04:00
    V2: 4.9 MEDIUM
CVE-2006-4535

The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are also affected, due to backporting of the CVE-2006-3745 patch.

Published: September 19, 2006; 03:07:00 PM -04:00
    V2: 4.9 MEDIUM
CVE-2006-2932

A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors.

Published: August 23, 2006; 03:04:00 PM -04:00
    V2: 4.9 MEDIUM