Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Linux Subscribe
Total 5378 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-9903 1 Linux 1 Linux Kernel 2016-11-28 2.1 LOW 5.5 MEDIUM
The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call.
CVE-2014-8480 1 Linux 1 Linux Kernel 2016-11-28 4.9 MEDIUM N/A
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application.
CVE-2010-5313 1 Linux 1 Linux Kernel 2016-11-28 4.9 MEDIUM N/A
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842.
CVE-2006-1523 1 Linux 1 Linux Kernel 2016-10-17 10.0 HIGH N/A
The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON.
CVE-2005-3809 1 Linux 1 Linux Kernel 2016-10-17 7.8 HIGH N/A
The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via an update message without private protocol information, which triggers a null dereference.
CVE-2005-3847 1 Linux 1 Linux Kernel 2016-10-17 4.0 MEDIUM N/A
The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump.
CVE-2005-3810 1 Linux 1 Linux Kernel 2016-10-17 7.8 HIGH N/A
ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which leads to a null dereference.
CVE-2005-0532 1 Linux 1 Linux Kernel 2016-10-17 2.1 LOW N/A
The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies between size_t and int data types.
CVE-2004-2136 1 Linux 1 Linux Kernel 2016-10-17 2.1 LOW N/A
dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
CVE-2004-2135 1 Linux 1 Linux Kernel 2016-10-17 2.1 LOW N/A
cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
CVE-2004-1151 2 Linux, Ubuntu 2 Linux Kernel, Ubuntu Linux 2016-10-17 7.2 HIGH N/A
Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges.
CVE-2003-0961 1 Linux 1 Linux Kernel 2016-10-17 7.2 HIGH N/A
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.
CVE-2003-0467 1 Linux 1 Linux Kernel 2016-10-17 5.0 MEDIUM N/A
Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, possibly due to an integer signedness error.
CVE-2003-0418 1 Linux 1 Linux Kernel 2016-10-17 5.0 MEDIUM N/A
The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses.
CVE-2002-0704 1 Linux 1 Linux Kernel 2016-10-17 5.0 MEDIUM N/A
The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.
CVE-2002-0429 1 Linux 1 Linux Kernel 2016-10-17 3.6 LOW N/A
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall).
CVE-2001-1384 1 Linux 1 Linux Kernel 2016-10-17 7.2 HIGH N/A
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.
CVE-1999-1441 1 Linux 1 Linux Kernel 2016-10-17 2.1 LOW N/A
Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it.
CVE-1999-1339 2 Freebsd, Linux 2 Freebsd, Linux Kernel 2016-10-17 5.0 MEDIUM N/A
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.
CVE-1999-1352 1 Linux 1 Linux Kernel 2016-10-17 4.6 MEDIUM N/A
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges.