| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route. |
| The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries. |
| A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. |
| The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function. |
| Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function. |
| The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference. |
| The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. |
| Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might allow attackers to cause a denial of service via malformed IPv6 packets with unspecified parameter problems, which prevents the SKB from being freed. |
| xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length. |
| The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code. |
| Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when trying to access the link. |
| Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. |
| Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion. |
| Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket. |
| Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value. |
| IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request. |
| The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type. |
| Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. |
| Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow. |
| Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors. |
