Vulnerabilities > Linux > Linux Kernel > 2.2.21
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-07-05 | CVE-2006-2935 | Classic Buffer Overflow vulnerability in multiple products The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. | 4.6 |
| 2006-04-20 | CVE-2006-1056 | Cryptographic Issues vulnerability in multiple products The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. | 2.1 |
| 2005-12-31 | CVE-2005-4351 | Local Security vulnerability in kernel The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. | 4.3 |
| 2005-11-20 | CVE-2005-2709 | Resource Management Errors vulnerability in Linux Kernel The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table. | 4.6 |
| 2005-05-17 | CVE-2005-1589 | Local Memory Corruption vulnerability in Multiple Linux Kernel IOCTL Handlers The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264. | 7.2 |
| 2005-05-11 | CVE-2005-1263 | Local Buffer Overflow vulnerability in Linux Kernel ELF Core Dump The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pass a signed integer comparison, leading to a buffer overflow. | 7.2 |
| 2005-05-02 | CVE-2005-0815 | ISO9660 Filesystem Handling vulnerability in Linux Kernel Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem. | 6.4 |
| 2005-05-02 | CVE-2005-0400 | Unspecified vulnerability in Linux Kernel The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. | 2.1 |
| 2005-04-01 | CVE-2005-0749 | Local Denial of Service vulnerability in Linux Kernel Elf Binary Loading The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer. | 7.2 |
| 2005-03-14 | CVE-2005-0504 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value. | 4.6 |