Vulnerabilities > Linux > Linux Kernel > 2.4.27

DATE CVE VULNERABILITY TITLE RISK
2004-12-23 CVE-2004-0814 Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.
local
high complexity
linux ubuntu
1.2
2004-12-23 CVE-2004-0685 Information Disclosure vulnerability in Linux Kernel USB Driver Uninitialized Structure
Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.
local
low complexity
linux redhat trustix
4.6
2004-08-06 CVE-2004-0658 Unspecified vulnerability in Linux Kernel
Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket.
local
low complexity
linux
7.2
2004-08-06 CVE-2004-0535 The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. 2.1
2004-05-26 CVE-2004-2135 Information Disclosure vulnerability in Linux Kernel Cryptoloop
cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
local
low complexity
linux
2.1