CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 2CVE-2006-1863 – Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass
https://notcve.org/view.php?id=CVE-2006-1863
25 Apr 2006 — Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864. • https://www.exploit-db.com/exploits/27769 •
CVSS: 6.2EPSS: 0%CPEs: 143EXPL: 0CVE-2006-1056
https://notcve.org/view.php?id=CVE-2006-1056
20 Apr 2006 — The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsiste... • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 131EXPL: 0CVE-2006-1525
https://notcve.org/view.php?id=CVE-2006-1525
19 Apr 2006 — ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.8 • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 0%CPEs: 138EXPL: 0CVE-2006-0744
https://notcve.org/view.php?id=CVE-2006-0744
18 Apr 2006 — Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 80EXPL: 0CVE-2006-0558 – ia64 crash
https://notcve.org/view.php?id=CVE-2006-0558
14 Apr 2006 — perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function. perfmon (perfmon.c) en kernel de Linux en arquitecturas IA64 permiten a usuarios locales provocar una denegación de servicio (caída) mediante la interrupción de una tarea mientras otro proceso está accediendo al mm_struct, lo que desencadena una acción BUG_ON... • http://marc.info/?l=linux-ia64&m=113882384921688 •
CVSS: 5.5EPSS: 0%CPEs: 74EXPL: 0CVE-2006-1066
https://notcve.org/view.php?id=CVE-2006-1066
27 Mar 2006 — Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call. El kernel de Linux 2.6.16-rc2 y versiones anteriores cuando se ejecutan sistemas x86_64 con prioridad activada, permite a usuarios locales provocar una denegación de servicio (oops) a través de múltiples tareas ptrace que re... • http://marc.info/?l=linux-kernel&m=113932292516359&w=2 •
CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0CVE-2006-1368
https://notcve.org/view.php?id=CVE-2006-1368
23 Mar 2006 — Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure. • http://secunia.com/advisories/19330 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 79EXPL: 0CVE-2006-0038
https://notcve.org/view.php?id=CVE-2006-0038
22 Mar 2006 — Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. • http://secunia.com/advisories/19330 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1343
https://notcve.org/view.php?id=CVE-2006-1343
21 Mar 2006 — net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory. net/ipv4/netfilter/ip_conntrack_core.c en el kernel de Linux 2.4 y 2.6 y posiblemente net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c en 2.6, no aclara sockaddr_in.sin_zero antes... • http://marc.info/?l=linux-netdev&m=114148078223594&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2006-1342 – Linux Kernel 2.4.x/2.5.x/2.6.x - 'Sockaddr_In.Sin_Zero' Kernel Memory Disclosure
https://notcve.org/view.php?id=CVE-2006-1342
21 Mar 2006 — net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory. net/ipv4/af_inet.c en el kernel de Linux 2.4 no aclara sockaddr_in.sin_zero antes de devolver los nombres de socket IPv4 de las funciones (1) getsockname, (2) getpeername y (3) accept, lo que permite a usuarios locales obtener porciones de memoria potencia... • https://www.exploit-db.com/exploits/27461 •