Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:2.6.11:rc5:*:*:*:*:*:*
There are 58 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2008-1669

Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."

Published: May 07, 2008; 8:20:00 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2008-1514

arch/s390/kernel/ptrace.c in Linux kernel 2.6.9, and other versions before 2.6.27-rc6, on s390 platforms allows local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference.

Published: March 25, 2008; 8:44:00 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2007-6694

The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference.

Published: January 29, 2008; 3:00:00 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2007-3642

The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before 2.6.20.15, 2.6.21.x before 2.6.21.6, and before 2.6.22 allows remote attackers to cause a denial of service (crash) via an encoded, out-of-range index value for a choice field, which triggers a NULL pointer dereference.

Published: July 09, 2007; 9:30:00 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2007-2453

The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source.

Published: June 11, 2007; 7:30:00 PM -0400
V3.x:(not available)
V2.0: 1.2 LOW
CVE-2007-2876

The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.

Published: June 11, 2007; 7:30:00 PM -0400
V3.x:(not available)
V2.0: 6.1 MEDIUM
CVE-2007-2451

Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.

Published: May 29, 2007; 4:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2007-1592

net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.

Published: March 22, 2007; 3:19:00 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2007-1217

Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet.

Published: March 02, 2007; 4:18:00 PM -0500
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2006-6106

Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.

Published: December 19, 2006; 2:28:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2006-5751

Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request.

Published: December 01, 2006; 9:28:00 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2006-5823

The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.

Published: November 09, 2006; 6:07:00 AM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2006-4572

ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka "ip6_tables protocol bypass bug;" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka "ip6_tables extension header bypass bug."

Published: November 06, 2006; 7:07:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2006-5619

The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels.

Published: October 31, 2006; 2:07:00 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-4813

The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked.

Published: October 12, 2006; 4:07:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-4997

The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).

Published: October 10, 2006; 12:06:00 AM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2006-5174

The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer.

Published: October 10, 2006; 12:06:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-3741

The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file descriptor consumption).

Published: October 10, 2006; 12:05:00 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2006-4538

Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries.

Published: September 05, 2006; 3:04:00 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2006-3468

Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only.

Published: July 21, 2006; 10:03:00 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH