Vulnerabilities > Linux > Linux Kernel > 2.4.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-23 | CVE-2004-0814 | Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. | 1.2 |
2004-12-23 | CVE-2004-0685 | Information Disclosure vulnerability in Linux Kernel USB Driver Uninitialized Structure Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage. | 4.6 |
2004-11-23 | CVE-2004-0415 | Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. | 2.1 |
2004-08-06 | CVE-2004-0658 | Unspecified vulnerability in Linux Kernel Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket. | 7.2 |
2004-08-06 | CVE-2004-0535 | The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. | 2.1 |
2004-05-26 | CVE-2004-2135 | Information Disclosure vulnerability in Linux Kernel Cryptoloop cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption. | 2.1 |
2004-03-15 | CVE-2004-0075 | Unspecified vulnerability in Linux Kernel The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service. | 2.1 |
2004-03-03 | CVE-2004-0077 | Local Privilege Escalation vulnerability in Linux Kernel do_mremap Function VMA Limit The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985. | 7.2 |
2004-03-03 | CVE-2004-0010 | Local Privilege Escalation vulnerability in Linux Kernel NCPFS ncp_lookup() Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges. | 7.2 |
2004-03-03 | CVE-2004-0003 | Privilege Escalation vulnerability in Linux Kernel R128 Device Driver Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking." | 4.6 |