CVSS: 5.5EPSS: 1%CPEs: 63EXPL: 0CVE-2005-2098
https://notcve.org/view.php?id=CVE-2005-2098
22 Aug 2005 — The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 •
CVSS: 6.2EPSS: 15%CPEs: 63EXPL: 0CVE-2005-2458
https://notcve.org/view.php?id=CVE-2005-2458
22 Aug 2005 — inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables". • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 •
CVSS: 5.5EPSS: 1%CPEs: 63EXPL: 0CVE-2005-2099
https://notcve.org/view.php?id=CVE-2005-2099
22 Aug 2005 — The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null dereference in the keyring destructor. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 5%CPEs: 63EXPL: 0CVE-2005-2457
https://notcve.org/view.php?id=CVE-2005-2457
22 Aug 2005 — The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 •
CVSS: 6.2EPSS: 9%CPEs: 64EXPL: 0CVE-2005-2459
https://notcve.org/view.php?id=CVE-2005-2459
22 Aug 2005 — The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458. • http://bugs.gentoo.org/show_bug.cgi?id=94584 • CWE-476: NULL Pointer Dereference •
CVSS: 9.1EPSS: 0%CPEs: 65EXPL: 0CVE-2005-2555
https://notcve.org/view.php?id=CVE-2005-2555
16 Aug 2005 — Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c. • http://secunia.com/advisories/17002 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 92EXPL: 0CVE-2005-1768
https://notcve.org/view.php?id=CVE-2005-1768
11 Jul 2005 — Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow. • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 9.1EPSS: 0%CPEs: 29EXPL: 1CVE-2005-1264
https://notcve.org/view.php?id=CVE-2005-1264
17 May 2005 — Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589. • http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html •
CVSS: 7.8EPSS: 0%CPEs: 129EXPL: 1CVE-2005-1263 – Linux Kernel 2.2.x/2.3.x/2.4.x/2.5.x/2.6.x - ELF Core Dump Local Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2005-1263
11 May 2005 — The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pass a signed integer comparison, leading to a buffer overflow. • https://www.exploit-db.com/exploits/25647 •
CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0CVE-2005-1368
https://notcve.org/view.php?id=CVE-2005-1368
02 May 2005 — The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.8 •