Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:2.6.12:rc6
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-1217 |
Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet. Published: March 02, 2007; 4:18:00 PM -0500 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2006-6106 |
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field. Published: December 19, 2006; 2:28:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2006-5751 |
Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request. Published: December 01, 2006; 9:28:00 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2006-5823 |
The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs. Published: November 09, 2006; 6:07:00 AM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-4572 |
ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka "ip6_tables protocol bypass bug;" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka "ip6_tables extension header bypass bug." Published: November 06, 2006; 7:07:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2006-5619 |
The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels. Published: October 31, 2006; 2:07:00 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-4813 |
The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked. Published: October 12, 2006; 4:07:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-5174 |
The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer. Published: October 10, 2006; 12:06:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-3741 |
The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file descriptor consumption). Published: October 10, 2006; 12:05:00 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-4538 |
Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries. Published: September 05, 2006; 3:04:00 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-3468 |
Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only. Published: July 21, 2006; 10:03:00 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2006-2936 |
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued. Published: July 10, 2006; 3:05:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2006-0456 |
The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors. Published: June 27, 2006; 7:05:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-2445 |
Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting. Published: June 23, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-2448 |
Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and possibly read kernel memory on 32-bit systems (signal_32.c). Published: June 23, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 5.6 MEDIUM |
CVE-2006-3085 |
xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length. Published: June 23, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2006-2444 |
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite. Published: May 25, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2006-1857 |
Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk. Published: May 22, 2006; 12:06:00 PM -0400 |
V3.x:(not available) V2.0: 9.0 HIGH |
CVE-2006-1858 |
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters. Published: May 22, 2006; 12:06:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2006-1528 |
Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space. Published: May 18, 2006; 3:06:00 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |