Filtered by vendor Linux
Subscribe
Total
7458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2456 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-20 | 2.1 LOW | 5.5 MEDIUM |
| Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock->sk_policy array. | |||||
| CVE-2005-2099 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 5.0 MEDIUM | N/A |
| The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null dereference in the keyring destructor. | |||||
| CVE-2005-2098 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 5.0 MEDIUM | N/A |
| The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM. | |||||
| CVE-2005-1913 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 2.1 LOW | N/A |
| The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist. | |||||
| CVE-2005-1768 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 3.7 LOW | N/A |
| Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow. | |||||
| CVE-2005-1765 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 2.1 LOW | N/A |
| syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments. | |||||
| CVE-2005-1764 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 2.1 LOW | N/A |
| Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service. | |||||
| CVE-2005-1762 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 2.1 LOW | N/A |
| The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address. | |||||
| CVE-2005-1589 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 7.2 HIGH | N/A |
| The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264. | |||||
| CVE-2005-1369 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 2.1 LOW | N/A |
| The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function. | |||||
| CVE-2005-1368 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 1.2 LOW | N/A |
| The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP. | |||||
| CVE-2005-1265 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 2.1 LOW | N/A |
| The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash). | |||||
| CVE-2005-1264 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 7.2 HIGH | N/A |
| Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589. | |||||
| CVE-2005-1263 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 7.2 HIGH | N/A |
| The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pass a signed integer comparison, leading to a buffer overflow. | |||||
| CVE-2005-1041 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 2.1 LOW | N/A |
| The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route. | |||||
| CVE-2005-0977 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 2.1 LOW | N/A |
| The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address. | |||||
| CVE-2005-0937 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 1.2 LOW | N/A |
| Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions. | |||||
| CVE-2005-0916 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 2.1 LOW | N/A |
| AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes exit_aio and is_hugepage_only_range to fail. | |||||
| CVE-2005-0867 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 7.2 HIGH | N/A |
| Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file. | |||||
| CVE-2005-0839 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 7.2 HIGH | N/A |
| Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions. | |||||