Vulnerabilities > Linux > Linux Kernel > 2.1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-04-24 | CVE-2007-1353 | Information Disclosure vulnerability in Linux Kernel L2CAP and HCI Setsockopt Memory Leak The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function accessing an uninitialized stack buffer. | 2.1 |
| 2007-04-11 | CVE-2007-1357 | Denial Of Service vulnerability in Linux Kernel AppleTalk ATalk_Sum_SKB Function The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum. | 7.8 |
| 2007-03-16 | CVE-2007-1497 | Unspecified vulnerability in Linux Kernel nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments. | 5.0 |
| 2007-03-16 | CVE-2007-1496 | NULL Pointer Dereference vulnerability in Linux Kernel Netfilter NFNetLink_Log nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference. | 4.9 |
| 2007-03-12 | CVE-2007-1000 | Information Disclosure vulnerability in Linux Kernel IPV6_Getsockopt_Sticky Memory Leak The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference. | 7.2 |
| 2007-03-10 | CVE-2007-1388 | Resource Management Errors vulnerability in Linux Kernel The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which triggers a NULL pointer dereference. | 4.4 |
| 2007-02-20 | CVE-2007-0772 | Resource Management Errors vulnerability in Linux Kernel The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer. | 7.8 |
| 2007-02-06 | CVE-2007-0006 | Local Denial of Service vulnerability in Linux Kernel Key_Alloc_Serial() The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion." The scheme for selecting serial numbers was changed from incrementing a counter to random number selection, increasing the likelihood of a serial number collision. local linux | 1.9 |
| 2007-01-30 | CVE-2006-5754 | Local Denial of Service vulnerability in Linux Kernel AIO_Setup_Ring The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation. | 4.9 |
| 2006-12-20 | CVE-2006-4814 | Resource Management Errors vulnerability in Linux Kernel The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock. | 4.6 |