Vulnerabilities > Linux > Linux Kernel > 2.5.11

DATE CVE VULNERABILITY TITLE RISK
2007-03-16 CVE-2007-1497 Unspecified vulnerability in Linux Kernel
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.
network
low complexity
linux
5.0
2007-03-16 CVE-2007-1496 NULL Pointer Dereference vulnerability in Linux Kernel Netfilter NFNetLink_Log
nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference.
local
low complexity
linux
4.9
2007-03-12 CVE-2007-1000 Information Disclosure vulnerability in Linux Kernel IPV6_Getsockopt_Sticky Memory Leak
The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.
local
low complexity
linux
7.2
2007-03-10 CVE-2007-1388 Resource Management Errors vulnerability in Linux Kernel
The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which triggers a NULL pointer dereference.
local
linux CWE-399
4.4
2007-02-20 CVE-2007-0772 Resource Management Errors vulnerability in Linux Kernel
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.
network
low complexity
linux CWE-399
7.8
2007-02-06 CVE-2007-0006 Local Denial of Service vulnerability in Linux Kernel Key_Alloc_Serial()
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion." The scheme for selecting serial numbers was changed from incrementing a counter to random number selection, increasing the likelihood of a serial number collision.
local
linux
1.9
2007-01-30 CVE-2006-5754 Local Denial of Service vulnerability in Linux Kernel AIO_Setup_Ring
The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation.
local
low complexity
linux
4.9
2006-10-10 CVE-2006-4997 Use After Free vulnerability in multiple products
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).
network
low complexity
linux canonical redhat CWE-416
7.5
2006-10-05 CVE-2006-5158 Improper Locking vulnerability in multiple products
The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.
network
low complexity
linux redhat canonical CWE-667
7.5
2006-08-23 CVE-2006-3745 Buffer Overflow vulnerability in Linux Kernel SCTP_Make_Abort_User Function
Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors.
local
low complexity
linux
7.2