Vulnerabilities > Linux > Linux Kernel > 2.6.16.rc7

DATE CVE VULNERABILITY TITLE RISK
2008-05-08 CVE-2008-1669 Race Condition vulnerability in Linux Kernel
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."
local
linux CWE-362
6.9
2008-01-29 CVE-2007-6694 Resource Management Errors vulnerability in Linux Kernel
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference.
network
low complexity
linux apple CWE-399
7.8
2007-06-11 CVE-2007-2876 Denial Of Service vulnerability in Linux Kernel SCTP Connection
The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.
low complexity
linux
6.1
2007-06-11 CVE-2007-2453 Unspecified vulnerability in Linux Kernel
The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source.
local
high complexity
linux
1.2
2007-05-29 CVE-2007-2451 Unspecified vulnerability in Linux Kernel GEODE-AES
Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.
network
low complexity
linux
5.0
2007-03-02 CVE-2007-1217 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel
Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet.
local
linux CWE-119
6.9
2006-11-09 CVE-2006-5823 Denial-Of-Service vulnerability in kernel
The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.
local
high complexity
linux
4.0
2006-07-21 CVE-2006-3468 Remote Denial of Service vulnerability in Linux Kernel NFS and EXT3 Combination
Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only.
network
low complexity
linux
7.8
2006-05-05 CVE-2006-1052 Local Denial of Service vulnerability in Linux Kernel SELinux_PTrace
The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.
local
low complexity
linux
2.1
2006-04-26 CVE-2006-1864 Unspecified vulnerability in Linux Kernel
Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1863.
local
low complexity
linux
4.6