Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2005-10-21 CVE-2005-3274 NULL Pointer Dereference vulnerability in multiple products
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired.
local
high complexity
linux debian CWE-476
4.7
2005-09-30 CVE-2005-3106 Improper Locking vulnerability in multiple products
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.
local
high complexity
linux debian canonical CWE-667
4.7
2005-08-04 CVE-2005-2456 Improper Locking vulnerability in multiple products
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock->sk_policy array.
local
low complexity
linux debian CWE-667
5.5
2005-07-06 CVE-2005-1916 Link Following vulnerability in multiple products
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
local
low complexity
ekg-project debian CWE-59
5.5
2005-05-02 CVE-2005-1111 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
local
high complexity
gnu debian canonical CWE-367
4.7