Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Linux Subscribe
Total 5378 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-3720 1 Linux 1 Linux Kernel 2008-11-14 2.1 LOW N/A
The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
CVE-2007-3719 1 Linux 1 Linux Kernel 2008-11-14 2.1 LOW N/A
The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
CVE-2007-2480 1 Linux 1 Linux Kernel 2008-11-12 4.6 MEDIUM N/A
The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applications.
CVE-2003-0018 1 Linux 1 Linux Kernel 2008-09-10 3.6 LOW N/A
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.
CVE-2003-0643 1 Linux 1 Linux Kernel 2008-09-10 2.1 LOW N/A
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
CVE-2000-0344 1 Linux 1 Linux Kernel 2008-09-10 5.0 MEDIUM N/A
The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value.
CVE-2000-0289 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Linux 2008-09-10 5.0 MEDIUM N/A
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
CVE-2000-0506 1 Linux 1 Linux Kernel 2008-09-10 10.0 HIGH N/A
The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."
CVE-1999-0986 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Linux 2008-09-09 5.0 MEDIUM N/A
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
CVE-1999-0804 4 Debian, Linux, Redhat and 1 more 4 Debian Linux, Linux Kernel, Linux and 1 more 2008-09-09 5.0 MEDIUM N/A
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
CVE-1999-0720 1 Linux 1 Linux Kernel 2008-09-09 4.6 MEDIUM N/A
The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users.
CVE-1999-0381 2 Debian, Linux 2 Debian Linux, Linux Kernel 2008-09-09 7.2 HIGH N/A
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
CVE-2008-3901 2 Linux, Suspend2 2 Linux Kernel, Software Suspend 2 2008-09-05 2.1 LOW N/A
Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
CVE-2008-3671 2 Acronis, Linux 2 True Image Echo Server, Linux Kernel 2008-09-05 5.0 MEDIUM N/A
Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0731 3 Linux, Novell, Suse 3 Linux Kernel, Apparmor, Open Suse 2008-09-05 7.5 HIGH N/A
The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task.
CVE-2007-0997 1 Linux 1 Linux Kernel 2008-09-05 6.9 MEDIUM N/A
Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified vectors related to a potentially dropped ipipe lock during a race between two pipe readers.
CVE-2006-7164 3 Ibm, Linux, Unix 3 Websphere Application Server, Linux Kernel, Unix 2008-09-05 4.3 MEDIUM N/A
SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5.0.2.7 on Linux and UNIX does not block certain invalid URIs and does not issue a security challenge, which allows remote attackers to read secure files and obtain sensitive information via certain requests.
CVE-2005-3753 1 Linux 1 Linux Kernel 2008-09-05 7.8 HIGH N/A
Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker.
CVE-2005-2617 1 Linux 1 Linux Kernel 2008-09-05 3.6 LOW N/A
The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers.
CVE-2005-0916 1 Linux 1 Linux Kernel 2008-09-05 2.1 LOW N/A
AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes exit_aio and is_hugepage_only_range to fail.