CVE-2007-2876 – {ip,nf}_conntrack_sctp: remotely triggerable NULL ptr dereference
https://notcve.org/view.php?id=CVE-2007-2876
11 Jun 2007 — The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference. • http://marc.info/?l=linux-kernel&m=118128610219959&w=2
CVE-2007-2453 – /dev/random broken
https://notcve.org/view.php?id=CVE-2007-2453
11 Jun 2007 — The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source. • http://marc.info/?l=linux-kernel&m=118128610219959&w=2
CVE-2006-5823
https://notcve.org/view.php?id=CVE-2006-5823
09 Nov 2006 — The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs. • http://projects.info-pull.com/mokb/MOKB-07-11-2006.html
CVE-2006-5757 – Linux Kernel 2.6.x - 'ISO9660' Denial of Service
https://notcve.org/view.php?id=CVE-2006-5757
06 Nov 2006 — Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures. • https://www.exploit-db.com/exploits/28912 • CWE-17: DEPRECATED: Code • CWE-399: Resource Management Errors
CVE-2006-5701 – Linux Kernel 2.6.x - SquashFS Double-Free Denial of Service
https://notcve.org/view.php?id=CVE-2006-5701
03 Nov 2006 — Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem. • https://www.exploit-db.com/exploits/28895
CVE-2006-4813
https://notcve.org/view.php?id=CVE-2006-4813
12 Oct 2006 — The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked. • http://osvdb.org/31376
CVE-2006-3741
https://notcve.org/view.php?id=CVE-2006-3741
09 Oct 2006 — The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file descriptor consumption). • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204360
CVE-2006-5174
https://notcve.org/view.php?id=CVE-2006-5174
05 Oct 2006 — The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer. • http://lkml.org/lkml/2006/11/5/46
CVE-2006-3468 – Linux Kernel 2.6.17.7 - NFS and EXT3 Combination Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-3468
18 Jul 2006 — Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only. • https://www.exploit-db.com/exploits/28358
CVE-2006-2935
https://notcve.org/view.php?id=CVE-2006-2935
05 Jul 2006 — The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. • http://bugzilla.kernel.org/show_bug.cgi?id=2966 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')