CVSS: 7.1EPSS: 0%CPEs: 54EXPL: 1CVE-2004-2607
https://notcve.org/view.php?id=CVE-2004-2607
31 Dec 2004 — A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer. • http://secunia.com/advisories/18977 •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2004-0997
https://notcve.org/view.php?id=CVE-2004-0997
31 Dec 2004 — Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors. • http://kernel.debian.net/debian/pool/main/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4_ia64.changes •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2004-2302
https://notcve.org/view.php?id=CVE-2004-2302
31 Dec 2004 — Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files. • http://kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.10-rc1/2.6.10-rc1-mm1/broken-out/fix-race-in-sysfs_read_file-and-sysfs_write_file.patch •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2004-1144
https://notcve.org/view.php?id=CVE-2004-1144
31 Dec 2004 — Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges. • http://marc.info/?l=bugtraq&m=110376890429798&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2004-0138
https://notcve.org/view.php?id=CVE-2004-0138
31 Dec 2004 — The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped. • http://kernel.debian.net/debian/pool/main/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4_ia64.changes •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2004-2536
https://notcve.org/view.php?id=CVE-2004-2536
31 Dec 2004 — The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does not drop those permissions when it exits, which allows other processes to access the per-TSS pointers, access restricted memory locations, and possibly gain privileges. • http://secunia.com/advisories/11577 •
CVSS: 7.8EPSS: 0%CPEs: 102EXPL: 2CVE-2004-2731
https://notcve.org/view.php?id=CVE-2004-2731
31 Dec 2004 — Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function. • http://archives.neohapsis.com/archives/bugtraq/2004-06/0463.html • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 34%CPEs: 62EXPL: 1CVE-2004-1234
https://notcve.org/view.php?id=CVE-2004-1234
31 Dec 2004 — load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=142965 •
CVSS: 5.5EPSS: 0%CPEs: 72EXPL: 0CVE-2004-2660
https://notcve.org/view.php?id=CVE-2004-2660
31 Dec 2004 — Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service (memory consumption) via certain O_DIRECT (direct IO) write requests. • http://linux.bkbits.net:8080/linux-2.6/cset%404182a613oVsK0-8eCWpyYFrUf8rhLA •
CVSS: 4.7EPSS: 0%CPEs: 32EXPL: 0CVE-2004-1058
https://notcve.org/view.php?id=CVE-2004-1058
22 Dec 2004 — Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline. Condición de carrera en el kernel de Linux 2.6 permite a usurios locales leer las variables de entorno de otros proceso que se está engendrando todavía mediante /proc/.../cmdline. • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •