CVSS: 5.5EPSS: 0%CPEs: 131EXPL: 0CVE-2006-1525
https://notcve.org/view.php?id=CVE-2006-1525
19 Apr 2006 — ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.8 • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 0%CPEs: 138EXPL: 0CVE-2006-0744
https://notcve.org/view.php?id=CVE-2006-0744
18 Apr 2006 — Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 80EXPL: 0CVE-2006-0558 – ia64 crash
https://notcve.org/view.php?id=CVE-2006-0558
14 Apr 2006 — perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function. perfmon (perfmon.c) en kernel de Linux en arquitecturas IA64 permiten a usuarios locales provocar una denegación de servicio (caída) mediante la interrupción de una tarea mientras otro proceso está accediendo al mm_struct, lo que desencadena una acción BUG_ON... • http://marc.info/?l=linux-ia64&m=113882384921688 •
CVSS: 5.5EPSS: 11%CPEs: 43EXPL: 0CVE-2006-1055
https://notcve.org/view.php?id=CVE-2006-1055
05 Apr 2006 — The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read. • http://lwn.net/Alerts/180820 •
CVSS: 5.5EPSS: 0%CPEs: 74EXPL: 0CVE-2006-1066
https://notcve.org/view.php?id=CVE-2006-1066
27 Mar 2006 — Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call. El kernel de Linux 2.6.16-rc2 y versiones anteriores cuando se ejecutan sistemas x86_64 con prioridad activada, permite a usuarios locales provocar una denegación de servicio (oops) a través de múltiples tareas ptrace que re... • http://marc.info/?l=linux-kernel&m=113932292516359&w=2 •
CVSS: 10.0EPSS: 11%CPEs: 1EXPL: 0CVE-2006-1368
https://notcve.org/view.php?id=CVE-2006-1368
23 Mar 2006 — Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure. • http://secunia.com/advisories/19330 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 79EXPL: 0CVE-2006-0038
https://notcve.org/view.php?id=CVE-2006-0038
22 Mar 2006 — Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. • http://secunia.com/advisories/19330 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1343
https://notcve.org/view.php?id=CVE-2006-1343
21 Mar 2006 — net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory. net/ipv4/netfilter/ip_conntrack_core.c en el kernel de Linux 2.4 y 2.6 y posiblemente net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c en 2.6, no aclara sockaddr_in.sin_zero antes... • http://marc.info/?l=linux-netdev&m=114148078223594&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2006-1342 – Linux Kernel 2.4.x/2.5.x/2.6.x - 'Sockaddr_In.Sin_Zero' Kernel Memory Disclosure
https://notcve.org/view.php?id=CVE-2006-1342
21 Mar 2006 — net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory. net/ipv4/af_inet.c en el kernel de Linux 2.4 no aclara sockaddr_in.sin_zero antes de devolver los nombres de socket IPv4 de las funciones (1) getsockname, (2) getpeername y (3) accept, lo que permite a usuarios locales obtener porciones de memoria potencia... • https://www.exploit-db.com/exploits/27461 •
CVSS: 7.5EPSS: 3%CPEs: 156EXPL: 0CVE-2006-1242
https://notcve.org/view.php?id=CVE-2006-1242
15 Mar 2006 — The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks. • http://secunia.com/advisories/19402 •