CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2005-3753
https://notcve.org/view.php?id=CVE-2005-3753
22 Nov 2005 — Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker. • http://bugzilla.kernel.org/show_bug.cgi?id=5194 •
CVSS: 9.1EPSS: 0%CPEs: 134EXPL: 1CVE-2005-2709 – Linux Kernel 2.6.x - Sysctl Unregistration Local Denial of Service
https://notcve.org/view.php?id=CVE-2005-2709
20 Nov 2005 — The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table. Multiple kernel vulnerabilities have been addressed with the latest package from Ubuntu. • https://www.exploit-db.com/exploits/26489 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 1CVE-2005-2973 – Linux Kernel 2.6.x - IPv6 Local Denial of Service
https://notcve.org/view.php?id=CVE-2005-2973
27 Oct 2005 — The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash). Multiple kernel vulnerabilities have been addressed with the latest package from Ubuntu. • https://www.exploit-db.com/exploits/26382 •
CVSS: 9.1EPSS: 1%CPEs: 25EXPL: 0CVE-2005-3272 – Mandriva Linux Security Advisory 2007.025
https://notcve.org/view.php?id=CVE-2005-3272
20 Oct 2005 — Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets. Multiple kernel vulnerabilities have been addressed with the latest package from Ubuntu. • http://linux.bkbits.net:8080/linux-2.6/cset%40429a310bRFOXOmZvKaGXW8A5Qd9F1A •
CVSS: 9.1EPSS: 3%CPEs: 133EXPL: 0CVE-2005-3273 – Ubuntu Security Notice 219-1
https://notcve.org/view.php?id=CVE-2005-3273
20 Oct 2005 — The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats. Multiple kernel vulnerabilities have been addressed with the latest package from Ubuntu. • http://linux.bkbits.net:8080/linux-2.4/cset%4041e2cf515TpixcVQ8q8HvQvCv9E6zA • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2005-3274 – Ubuntu Security Notice 219-1
https://notcve.org/view.php?id=CVE-2005-3274
20 Oct 2005 — Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired. Multiple kernel vulnerabilities have been addressed with the latest package from Ubuntu. • http://lkml.org/lkml/2005/6/23/249 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 9%CPEs: 117EXPL: 0CVE-2005-3275 – Ubuntu Security Notice 219-1
https://notcve.org/view.php?id=CVE-2005-3275
20 Oct 2005 — The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption. Multiple kernel vulnerabilities have been addressed with the latest package from Ubuntu. • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0CVE-2005-3276 – Ubuntu Security Notice 219-1
https://notcve.org/view.php?id=CVE-2005-3276
20 Oct 2005 — The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information. Multiple kernel vulnerabilities have been addressed with the latest package from Ubuntu. • http://linux.bkbits.net:8080/linux-2.6/cset%4042e81864gSEM90Oun0jA8dufpM3inw •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2005-3257 – Linux Kernel 2.6 - Console Keymap Local Command Injection
https://notcve.org/view.php?id=CVE-2005-3257
18 Oct 2005 — The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys. • https://www.exploit-db.com/exploits/26353 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2005-3181
https://notcve.org/view.php?id=CVE-2005-3181
11 Oct 2005 — The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption). • http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 • CWE-401: Missing Release of Memory after Effective Lifetime •