Vulnerabilities > Linux > Linux Kernel > 2.6.15.5

DATE CVE VULNERABILITY TITLE RISK
2006-08-23 CVE-2006-3745 Buffer Overflow vulnerability in Linux Kernel SCTP_Make_Abort_User Function
Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors.
local
low complexity
linux
7.2
2006-08-21 CVE-2006-4093 Local Denial of Service vulnerability in Linux Kernel PPC970 Systems
Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time." Upgrade to Linux Kernel version 2.4.33.1
local
low complexity
linux canonical debian
4.9
2006-08-21 CVE-2006-4145 Resource Management Errors vulnerability in Linux Kernel
The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command.
local
low complexity
linux CWE-399
4.9
2006-07-21 CVE-2006-3468 Remote Denial of Service vulnerability in Linux Kernel NFS and EXT3 Combination
Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only.
network
low complexity
linux
7.8
2006-07-05 CVE-2006-2935 Classic Buffer Overflow vulnerability in multiple products
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.
local
low complexity
linux debian canonical CWE-120
4.6
2006-06-23 CVE-2006-3085 Remote Denial of Service vulnerability in Linux Kernel XT_SCTP-netfilter
xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length.
network
low complexity
linux
7.8
2006-05-27 CVE-2006-2629 Local Denial of Service vulnerability in Linux Kernel Proc dentry_unused Corruption
Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing the /proc entry of a task that is exiting, which causes memory corruption that leads to a failure in the prune_dcache function or a BUG_ON error in include/linux/list.h.
local
high complexity
linux
4.0
2006-05-22 CVE-2006-1858 Improper Input Validation vulnerability in Linux Kernel
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.
network
low complexity
linux CWE-20
7.8
2006-05-22 CVE-2006-1857 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel
Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk.
network
low complexity
linux CWE-119
critical
9.0
2006-05-19 CVE-2006-1856 Unspecified vulnerability in Linux Kernel
Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions.
network
low complexity
linux
7.5