Filtered by vendor Linux
Subscribe
Total
5378 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-9903 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 2.1 LOW | 5.5 MEDIUM |
The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call. | |||||
CVE-2014-8480 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 4.9 MEDIUM | N/A |
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application. | |||||
CVE-2010-5313 | 1 Linux | 1 Linux Kernel | 2016-11-28 | 4.9 MEDIUM | N/A |
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842. | |||||
CVE-2006-1523 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 10.0 HIGH | N/A |
The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON. | |||||
CVE-2005-3809 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 7.8 HIGH | N/A |
The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via an update message without private protocol information, which triggers a null dereference. | |||||
CVE-2005-3847 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 4.0 MEDIUM | N/A |
The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump. | |||||
CVE-2005-3810 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 7.8 HIGH | N/A |
ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which leads to a null dereference. | |||||
CVE-2005-0532 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 2.1 LOW | N/A |
The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies between size_t and int data types. | |||||
CVE-2004-2136 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 2.1 LOW | N/A |
dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption. | |||||
CVE-2004-2135 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 2.1 LOW | N/A |
cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption. | |||||
CVE-2004-1151 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2016-10-17 | 7.2 HIGH | N/A |
Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges. | |||||
CVE-2003-0961 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 7.2 HIGH | N/A |
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges. | |||||
CVE-2003-0467 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 5.0 MEDIUM | N/A |
Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, possibly due to an integer signedness error. | |||||
CVE-2003-0418 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 5.0 MEDIUM | N/A |
The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses. | |||||
CVE-2002-0704 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 5.0 MEDIUM | N/A |
The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages. | |||||
CVE-2002-0429 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 3.6 LOW | N/A |
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall). | |||||
CVE-2001-1384 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 7.2 HIGH | N/A |
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp. | |||||
CVE-1999-1441 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 2.1 LOW | N/A |
Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it. | |||||
CVE-1999-1339 | 2 Freebsd, Linux | 2 Freebsd, Linux Kernel | 2016-10-17 | 5.0 MEDIUM | N/A |
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command. | |||||
CVE-1999-1352 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 4.6 MEDIUM | N/A |
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges. |