Vulnerabilities > Linux > Linux Kernel > 2.4.33
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-02-20 | CVE-2007-0772 | Resource Management Errors vulnerability in Linux Kernel The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer. | 7.8 |
| 2007-02-06 | CVE-2007-0006 | Local Denial of Service vulnerability in Linux Kernel Key_Alloc_Serial() The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion." The scheme for selecting serial numbers was changed from incrementing a counter to random number selection, increasing the likelihood of a serial number collision. local linux | 1.9 |
| 2007-01-30 | CVE-2006-5754 | Local Denial of Service vulnerability in Linux Kernel AIO_Setup_Ring The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation. | 4.9 |
| 2006-12-20 | CVE-2006-4814 | Resource Management Errors vulnerability in Linux Kernel The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock. | 4.6 |
| 2006-12-19 | CVE-2006-6106 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field. | 7.5 |
| 2006-12-11 | CVE-2006-5871 | Multiple vulnerability in Linux Kernel 2.4.33/2.6.8 smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings. local linux | 4.1 |
| 2006-10-10 | CVE-2006-4997 | Use After Free vulnerability in multiple products The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference). | 7.5 |
| 2006-10-05 | CVE-2006-5158 | Improper Locking vulnerability in multiple products The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock. | 7.5 |
| 2006-08-23 | CVE-2006-3745 | Buffer Overflow vulnerability in Linux Kernel SCTP_Make_Abort_User Function Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors. | 7.2 |
| 2006-08-21 | CVE-2006-4093 | Local Denial of Service vulnerability in Linux Kernel PPC970 Systems Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time." Upgrade to Linux Kernel version 2.4.33.1 | 4.9 |