Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-0742 |
The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 2.6.15.6, possibly when compiled with certain versions of gcc, has the "noreturn" attribute set, which allows local users to cause a denial of service by causing user faults on Itanium systems. Published: March 09, 2006; 8:06:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2006-0554 |
Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data. Published: March 06, 2006; 9:02:00 PM -0500 |
V3.x:(not available) V2.0: 1.7 LOW |
CVE-2006-0555 |
The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O). Published: March 06, 2006; 9:02:00 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-0741 |
Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address." Published: March 06, 2006; 9:02:00 PM -0500 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2006-0482 |
Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call. Published: January 31, 2006; 2:03:00 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2005-0136 |
The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2005-3359 |
The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2005-4352 |
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap." Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2005-4618 |
Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 3.6 LOW |
CVE-2005-4635 |
The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-4811 |
The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2005-3660 |
Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process to become a zombie, or closing the file descriptor without closing an associated reference. Published: December 22, 2005; 6:03:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2005-3358 |
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs. Published: December 14, 2005; 2:03:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2005-3857 |
The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function. Published: November 27, 2005; 4:03:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2005-3273 |
The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats. Published: October 20, 2005; 9:02:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-3275 |
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption. Published: October 20, 2005; 9:02:00 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2005-3055 |
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference. Published: September 26, 2005; 3:03:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2005-3044 |
Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on 64-bit systems. Published: September 22, 2005; 5:03:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2005-1913 |
The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist. Published: September 14, 2005; 3:03:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2005-2490 |
Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread. Published: September 14, 2005; 3:03:00 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |