Vulnerabilities > Linux > Linux Kernel > 2.5.44

DATE CVE VULNERABILITY TITLE RISK
2007-06-11 CVE-2007-2875 Numeric Errors vulnerability in Linux Kernel
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.
local
low complexity
linux debian canonical CWE-189
2.1
2007-05-07 CVE-2007-1861 Resource Management Errors vulnerability in Linux Kernel
The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow.
local
low complexity
linux CWE-399
4.9
2007-04-11 CVE-2007-1357 Denial Of Service vulnerability in Linux Kernel AppleTalk ATalk_Sum_SKB Function
The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum.
network
low complexity
linux
7.8
2007-03-16 CVE-2007-1497 Unspecified vulnerability in Linux Kernel
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.
network
low complexity
linux
5.0
2007-03-16 CVE-2007-1496 NULL Pointer Dereference vulnerability in Linux Kernel Netfilter NFNetLink_Log
nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference.
local
low complexity
linux
4.9
2007-03-12 CVE-2007-1000 Information Disclosure vulnerability in Linux Kernel IPV6_Getsockopt_Sticky Memory Leak
The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.
local
low complexity
linux
7.2
2007-03-10 CVE-2007-1388 Resource Management Errors vulnerability in Linux Kernel
The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which triggers a NULL pointer dereference.
local
linux CWE-399
4.4
2007-02-20 CVE-2007-0772 Resource Management Errors vulnerability in Linux Kernel
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.
network
low complexity
linux CWE-399
7.8
2007-02-06 CVE-2007-0006 Local Denial of Service vulnerability in Linux Kernel Key_Alloc_Serial()
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion." The scheme for selecting serial numbers was changed from incrementing a counter to random number selection, increasing the likelihood of a serial number collision.
local
linux
1.9
2007-01-30 CVE-2006-5754 Local Denial of Service vulnerability in Linux Kernel AIO_Setup_Ring
The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation.
local
low complexity
linux
4.9