| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length. |
| Buffer overflow in Linux su command gives root access to local users. |
| Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors. |
| The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition. |
| Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events. |
| Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589. |
| Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified. |
| The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code. |
| Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS. |
| perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function. |
| Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address." |
| Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors. |
| A system does not present an appropriate legal message or warning to a user who is accessing it. |
| Denial of service of inetd on Linux through SYN and RST packets. |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd. |
| Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. |
| Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS. |
| Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specified by the quota for a single user. |
| Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux kernel 2.6.12, as used in SuSE Linux Enterprise Server 9, might allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted XDR data for the nfsacl protocol. |
