Vulnerabilities > Linux > Linux Kernel > 2.6.11.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-22 | CVE-2006-1857 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk. | 9.0 |
| 2006-05-19 | CVE-2006-1856 | Unspecified vulnerability in Linux Kernel Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions. | 7.5 |
| 2006-05-18 | CVE-2006-1855 | Local Denial of Service vulnerability in Linux Kernel Choose_New_Parent choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process. | 2.1 |
| 2006-05-05 | CVE-2006-1052 | Local Denial of Service vulnerability in Linux Kernel SELinux_PTrace The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process. | 2.1 |
| 2006-04-20 | CVE-2006-1056 | Cryptographic Issues vulnerability in multiple products The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. | 2.1 |
| 2006-04-19 | CVE-2006-1525 | Resource Management Errors vulnerability in Linux Kernel ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference. | 4.9 |
| 2006-04-18 | CVE-2006-0744 | Improper Input Validation vulnerability in Linux Kernel Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS. | 4.9 |
| 2006-03-27 | CVE-2006-1066 | Local Denial Of Service vulnerability in Linux Kernel Get_Compat_Timespec and PTrace Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call. | 1.2 |
| 2006-03-15 | CVE-2006-1242 | Unspecified vulnerability in Linux Kernel The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks. | 5.0 |
| 2006-03-14 | CVE-2006-0457 | Local Copy_To_User Race vulnerability in Linux Kernel Security Key Functions Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory. | 7.1 |