Vulnerabilities > Linux > Linux Kernel > 2.6.14.2

DATE CVE VULNERABILITY TITLE RISK
2007-03-02 CVE-2007-1217 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel
Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet.
local
linux CWE-119
6.9
2007-02-20 CVE-2007-0772 Resource Management Errors vulnerability in Linux Kernel
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.
network
low complexity
linux CWE-399
7.8
2007-02-15 CVE-2007-0958 Local Information Disclosure vulnerability in Linux Kernel BINFMT_ELF PT_INTERP
Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump, a variant of CVE-2004-1073.
local
low complexity
linux
2.1
2007-02-06 CVE-2007-0006 Local Denial of Service vulnerability in Linux Kernel Key_Alloc_Serial()
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion." The scheme for selecting serial numbers was changed from incrementing a counter to random number selection, increasing the likelihood of a serial number collision.
local
linux
1.9
2006-12-19 CVE-2006-6106 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.
network
low complexity
linux CWE-119
7.5
2006-11-22 CVE-2006-6060 Denial-Of-Service vulnerability in kernel
The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a malformed NTFS file stream that triggers an infinite loop in the __find_get_block_slow function.
local
low complexity
linux
4.9
2006-11-22 CVE-2006-6058 Numeric Errors vulnerability in Linux Kernel
The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function.
local
high complexity
linux CWE-189
4.0
2006-11-22 CVE-2006-6057 Denial-Of-Service vulnerability in kernel
The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on Fedora Core 6 and possibly other operating systems, allows local users to cause a denial of service (crash) via a malformed gfs2 file stream that triggers a NULL pointer dereference in the init_journal function.
local
low complexity
linux
4.9
2006-11-22 CVE-2006-6056 Denial-Of-Service vulnerability in kernel
Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hooks are enabled, allows local users to cause a denial of service (crash) via a malformed file stream that triggers a NULL pointer dereference in the superblock_doinit function, as demonstrated using an HFS filesystem image.
local
low complexity
linux
4.9
2006-11-22 CVE-2006-6054 Denial-Of-Service vulnerability in kernel
The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum.
local
high complexity
linux
4.0