Vulnerabilities > Linux > Linux Kernel > 2.6.11.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-09-14 | CVE-2005-2490 | Local Buffer Overflow vulnerability in Linux Kernel Sendmsg() Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread. | 4.6 |
2005-09-14 | CVE-2005-1913 | Local Denial Of Service vulnerability in Linux Kernel Subthread Exec The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist. | 2.1 |
2005-09-09 | CVE-2005-2873 | Remote Denial of Service vulnerability in Linux Kernel Netfilter Ipt_recent The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent netfilter rules to block too early, a different vulnerability than CVE-2005-2872. | 2.1 |
2005-08-23 | CVE-2005-2459 | Null Pointer Dereference vulnerability in multiple products The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458. | 5.0 |
2005-08-23 | CVE-2005-2458 | Local Denial of Service vulnerability in Linux Kernel ZLib Invalid Memory Access inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables". | 5.0 |
2005-08-23 | CVE-2005-2457 | Denial Of Service vulnerability in Linux Kernel ISO File System The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system. | 5.0 |
2005-08-23 | CVE-2005-2099 | Resource Management Errors vulnerability in Linux Kernel The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null dereference in the keyring destructor. | 5.0 |
2005-08-23 | CVE-2005-2098 | Local Denial of Service vulnerability in Linux Kernel Session Keyring Allocation The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM. | 5.0 |
2005-04-01 | CVE-2005-0749 | Local Denial of Service vulnerability in Linux Kernel Elf Binary Loading The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer. | 7.2 |
2005-03-07 | CVE-2005-0180 | Integer Overflow vulnerability in Linux Kernel SCSI IOCTL Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions. | 3.6 |