Vulnerabilities > Linux > Linux Kernel > 2.6.14.4

DATE CVE VULNERABILITY TITLE RISK
2007-07-10 CVE-2007-3107 Local Denial of Service vulnerability in Linux PowerPC Kernel Restore_Sigcontext
The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clearing of MSR bits.
local
low complexity
linux
2.1
2007-06-11 CVE-2007-2876 Denial Of Service vulnerability in Linux Kernel SCTP Connection
The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.
low complexity
linux
6.1
2007-06-11 CVE-2007-2453 Unspecified vulnerability in Linux Kernel
The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source.
local
high complexity
linux
1.2
2007-06-11 CVE-2007-2875 Numeric Errors vulnerability in Linux Kernel
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.
local
low complexity
linux debian canonical CWE-189
2.1
2007-05-29 CVE-2007-2451 Unspecified vulnerability in Linux Kernel GEODE-AES
Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.
network
low complexity
linux
5.0
2007-05-07 CVE-2007-1861 Resource Management Errors vulnerability in Linux Kernel
The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow.
local
low complexity
linux CWE-399
4.9
2007-04-11 CVE-2007-1357 Denial Of Service vulnerability in Linux Kernel AppleTalk ATalk_Sum_SKB Function
The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum.
network
low complexity
linux
7.8
2007-03-16 CVE-2007-1497 Unspecified vulnerability in Linux Kernel
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.
network
low complexity
linux
5.0
2007-03-16 CVE-2007-1496 NULL Pointer Dereference vulnerability in Linux Kernel Netfilter NFNetLink_Log
nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference.
local
low complexity
linux
4.9
2007-03-12 CVE-2007-1000 Information Disclosure vulnerability in Linux Kernel IPV6_Getsockopt_Sticky Memory Leak
The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.
local
low complexity
linux
7.2