Vulnerabilities > Linux > Linux Kernel > 2.6.15.5

DATE CVE VULNERABILITY TITLE RISK
2007-02-06 CVE-2007-0006 Local Denial of Service vulnerability in Linux Kernel Key_Alloc_Serial()
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion." The scheme for selecting serial numbers was changed from incrementing a counter to random number selection, increasing the likelihood of a serial number collision.
local
linux
1.9
2006-12-19 CVE-2006-6106 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.
network
low complexity
linux CWE-119
7.5
2006-11-22 CVE-2006-6060 Denial-Of-Service vulnerability in kernel
The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a malformed NTFS file stream that triggers an infinite loop in the __find_get_block_slow function.
local
low complexity
linux
4.9
2006-11-22 CVE-2006-6058 Numeric Errors vulnerability in Linux Kernel
The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function.
local
high complexity
linux CWE-189
4.0
2006-11-22 CVE-2006-6057 Denial-Of-Service vulnerability in kernel
The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on Fedora Core 6 and possibly other operating systems, allows local users to cause a denial of service (crash) via a malformed gfs2 file stream that triggers a NULL pointer dereference in the init_journal function.
local
low complexity
linux
4.9
2006-11-22 CVE-2006-6056 Denial-Of-Service vulnerability in kernel
Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hooks are enabled, allows local users to cause a denial of service (crash) via a malformed file stream that triggers a NULL pointer dereference in the superblock_doinit function, as demonstrated using an HFS filesystem image.
local
low complexity
linux
4.9
2006-11-22 CVE-2006-6054 Denial-Of-Service vulnerability in kernel
The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum.
local
high complexity
linux
4.0
2006-11-22 CVE-2006-6053 Denial-Of-Service vulnerability in kernel
The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures.
local
low complexity
linux
4.9
2006-11-09 CVE-2006-5823 Denial-Of-Service vulnerability in kernel
The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.
local
high complexity
linux
4.0
2006-11-06 CVE-2006-5757 Resource Management Errors vulnerability in Linux Kernel
Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures.
local
high complexity
linux CWE-399
1.2