CVSS: 9.1EPSS: 10%CPEs: 135EXPL: 0CVE-2006-1857
https://notcve.org/view.php?id=CVE-2006-1857
22 May 2006 — Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 10%CPEs: 135EXPL: 0CVE-2006-1858
https://notcve.org/view.php?id=CVE-2006-1858
22 May 2006 — SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.17 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 2%CPEs: 78EXPL: 0CVE-2006-1856
https://notcve.org/view.php?id=CVE-2006-1856
19 May 2006 — Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions. • http://lists.jammed.com/linux-security-module/2005/09/0019.html •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0039
https://notcve.org/view.php?id=CVE-2006-0039
19 May 2006 — Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE. • http://bugs.gentoo.org/show_bug.cgi?id=133465 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2006-1855
https://notcve.org/view.php?id=CVE-2006-1855
18 May 2006 — choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process. • http://secunia.com/advisories/20237 •
CVSS: 5.5EPSS: 0%CPEs: 105EXPL: 0CVE-2006-1528
https://notcve.org/view.php?id=CVE-2006-1528
18 May 2006 — Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space. El kernel de Linux en versiones anteriores a 2.6.13 permite a usuarios locales provocar una denegación de servicio (caída) a través de una transferencia dio desde el controlador sg al espacio de memoria asignada (mmap) IO. • http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.1 • CWE-20: Improper Input Validation •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2006-1860
https://notcve.org/view.php?id=CVE-2006-1860
12 May 2006 — lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack. • http://secunia.com/advisories/20083 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-1859
https://notcve.org/view.php?id=CVE-2006-1859
12 May 2006 — Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an "uninitialised return value," aka "slab leak." • http://secunia.com/advisories/20083 •
CVSS: 9.1EPSS: 0%CPEs: 148EXPL: 0CVE-2006-1052
https://notcve.org/view.php?id=CVE-2006-1052
05 May 2006 — The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process. La lógica selinux_ptrace en hooks.c en SELinux para Linux 2.6.6 permite a usuarios locales con permisos ptrace cambiar el trazador SID a un SID de otro proceso. • http://marc.info/?l=git-commits-head&m=114210002712363&w=2 •
CVSS: 7.5EPSS: 20%CPEs: 1EXPL: 0CVE-2006-1527
https://notcve.org/view.php?id=CVE-2006-1527
03 May 2006 — The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function. • http://secunia.com/advisories/19926 •