|Max CVSS||9.0||Min CVSS||2.1||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.
|30-10-2018 - 16:26||05-05-2006 - 12:46|
The Linux kernel before 184.108.40.206 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allow
|30-10-2018 - 16:26||20-04-2006 - 10:02|
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer ref
|19-10-2018 - 15:34||26-09-2005 - 19:03|
SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 220.127.116.11 and 2.6.16 before 18.104.22.168 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to conta
|18-10-2018 - 16:43||30-06-2006 - 21:05|
Linux kernel before 22.214.171.124 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and
|18-10-2018 - 16:40||23-06-2006 - 10:02|
net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGIN
|18-10-2018 - 16:32||21-03-2006 - 18:02|
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which b
|18-10-2018 - 16:31||15-03-2006 - 17:06|
Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time t
|03-10-2018 - 21:35||14-03-2006 - 02:02|
The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 126.96.36.199, possibly when compiled with certain versions of gcc, has the "noreturn" attribute set, which allows local users to cause a denial of service by causing
|03-10-2018 - 21:35||09-03-2006 - 13:06|
Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests
|11-10-2017 - 01:30||15-08-2006 - 22:04|
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive
|11-10-2017 - 01:30||09-05-2006 - 20:02|
nfs2acl.c in the Linux kernel 188.8.131.52 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.
|11-10-2017 - 01:30||31-12-2005 - 05:00|
The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors.
|11-10-2017 - 01:30||27-06-2006 - 23:05|
Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. Linux
|11-10-2017 - 01:30||22-03-2006 - 20:06|
Buffer overflow in SCTP in Linux kernel before 184.108.40.206 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk.
|11-10-2017 - 01:30||22-05-2006 - 16:06|