Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:2.6.2:rc3:*:*:*:*:*:*
There are 1,776 matching records.
Displaying matches 1,761 through 1,776.
Vuln ID Summary CVSS Severity
CVE-2004-0685

Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.

Published: December 23, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2004-0814

Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.

Published: December 23, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 1.2 LOW
CVE-2004-0816

Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.

Published: December 23, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2004-1333

Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.

Published: December 15, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2004-1334

Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.

Published: December 15, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2004-1335

Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.

Published: December 15, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2004-0415

Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.

Published: November 23, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2004-0229

The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact.

Published: August 18, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2004-0495

Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.

Published: August 06, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2004-0554

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.

Published: August 06, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2004-0596

The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference.

Published: August 06, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2004-0658

Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket.

Published: August 06, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2004-0424

Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.

Published: July 07, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2004-2135

cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.

Published: May 26, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2004-0077

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.

Published: March 03, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2003-0986

Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.

Published: December 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 1.7 LOW