Vulnerabilities > Linux > Linux Kernel > 2.4.1

DATE CVE VULNERABILITY TITLE RISK
2005-01-10 CVE-2004-0883 Remote vulnerability in Linux Kernel SMBFS
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.
network
low complexity
linux redhat suse trustix ubuntu
6.4
2004-12-31 CVE-2004-2731 Numeric Errors vulnerability in Linux Kernel
Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function.
local
linux CWE-189
4.4
2004-12-31 CVE-2004-2013 Integer Overflow or Wraparound vulnerability in Linux Kernel
Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory.
local
low complexity
linux CWE-190
7.8
2004-12-31 CVE-2004-0997 Local Privilege Escalation vulnerability in Linux Kernel MIPS Ptrace
Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors.
local
low complexity
linux
4.6
2004-12-23 CVE-2004-0816 Integer Underflow (Wrap or Wraparound) vulnerability in Linux Kernel
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
network
low complexity
linux CWE-191
7.5
2004-12-23 CVE-2004-0814 Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.
local
high complexity
linux ubuntu
1.2
2004-12-23 CVE-2004-0685 Information Disclosure vulnerability in Linux Kernel USB Driver Uninitialized Structure
Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.
local
low complexity
linux redhat trustix
4.6
2004-11-23 CVE-2004-0415 Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
local
low complexity
linux redhat trustix
2.1
2004-08-06 CVE-2004-0658 Unspecified vulnerability in Linux Kernel
Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket.
local
low complexity
linux
7.2
2004-08-06 CVE-2004-0535 The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. 2.1