U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:2.6.10:-:*:*:*:*:*:*
  • CPE Name Search: true
There are 2,671 matching records.
Displaying matches 2,641 through 2,660.
Vuln ID Summary CVSS Severity
CVE-2005-0530

Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.

Published: May 02, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-0531

The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.

Published: May 02, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-0532

The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies between size_t and int data types.

Published: May 02, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-0815

Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem.

Published: May 02, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2005-0839

Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions.

Published: May 02, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2005-1368

The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP.

Published: May 02, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 1.2 LOW
CVE-2005-1369

The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function.

Published: May 02, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2004-1235

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

Published: April 14, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2004-1237

Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.

Published: April 14, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-0749

The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer.

Published: April 01, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2005-0750

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

Published: March 27, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2005-0504

Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.

Published: March 14, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2005-0736

Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.

Published: March 09, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-0178

Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores.

Published: March 07, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2005-0179

Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call.

Published: March 07, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-0180

Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions.

Published: March 07, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2005-0937

Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions.

Published: February 22, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 1.2 LOW
CVE-2004-2302

Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files.

Published: December 31, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2004-2135

cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.

Published: May 26, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2003-1327

Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 9.3 HIGH