Vulnerabilities (CVE)

Filtered by vendor Linux Subscribe
Total 7458 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1398 1 Linux 1 Linux Kernel 2024-02-04 7.5 HIGH N/A
Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability.
CVE-2003-1040 1 Linux 1 Linux Kernel 2024-02-04 2.1 LOW N/A
kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod.
CVE-1999-0782 3 Freebsd, Kde, Linux 3 Freebsd, Kde, Linux Kernel 2024-02-04 2.1 LOW N/A
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
CVE-2003-0643 1 Linux 1 Linux Kernel 2024-02-04 2.1 LOW N/A
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
CVE-1999-1441 1 Linux 1 Linux Kernel 2024-02-04 2.1 LOW N/A
Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it.
CVE-2023-2156 3 Fedoraproject, Linux, Redhat 3 Fedora, Linux Kernel, Enterprise Linux 2024-02-03 N/A 7.5 HIGH
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.
CVE-2002-0704 1 Linux 1 Linux Kernel 2024-02-03 5.0 MEDIUM 7.5 HIGH
The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.
CVE-2019-15118 1 Linux 1 Linux Kernel 2024-02-03 4.9 MEDIUM 5.5 MEDIUM
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
CVE-2010-1437 1 Linux 1 Linux Kernel 2024-02-02 4.4 MEDIUM 7.0 HIGH
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.
CVE-2013-3301 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-02-02 7.2 HIGH N/A
The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.
CVE-2014-3631 1 Linux 1 Linux Kernel 2024-02-02 7.2 HIGH N/A
The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation.
CVE-2005-3119 1 Linux 1 Linux Kernel 2024-02-02 2.1 LOW N/A
Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.
CVE-2023-3863 1 Linux 1 Linux Kernel 2024-02-02 N/A 4.1 MEDIUM
A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue.
CVE-2023-2002 2 Debian, Linux 2 Debian Linux, Linux Kernel 2024-02-02 N/A 6.8 MEDIUM
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.
CVE-2001-1391 1 Linux 1 Linux Kernel 2024-02-02 2.1 LOW 5.5 MEDIUM
Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory.
CVE-2022-2639 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-02-02 N/A 7.8 HIGH
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2023-6857 5 Apple, Debian, Google and 2 more 7 Macos, Debian Linux, Android and 4 more 2024-02-02 N/A 5.3 MEDIUM
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
CVE-2005-3623 1 Linux 1 Linux Kernel 2024-02-02 5.0 MEDIUM N/A
nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.