Page 365 of 3898 results (0.027 seconds)

CVSS: 9.1EPSS: 1%CPEs: 25EXPL: 0

20 Oct 2005 — Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets. • http://linux.bkbits.net:8080/linux-2.6/cset%40429a310bRFOXOmZvKaGXW8A5Qd9F1A •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2

18 Oct 2005 — The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys. • https://www.exploit-db.com/exploits/26353 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

11 Oct 2005 — The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information. • http://marc.info/?l=bugtraq&m=112914754708402&w=2 •

CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 0

11 Oct 2005 — drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information. • http://bugs.gentoo.org/show_bug.cgi?id=107893 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

11 Oct 2005 — The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption). • http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=829841146878e082613a49581ae252c071057c23 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

11 Oct 2005 — Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys. • http://linux.bkbits.net:8080/linux-2.6/cset%4043483fddCiQX1WyG_orbko06TrjMVA • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

07 Oct 2005 — Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service. • http://freshmeat.net/articles/view/1678 •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0

30 Sep 2005 — Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec. • http://linux.bkbits.net:8080/linux-2.6/diffs/fs/exec.c%401.156?nav=index.html%7Csrc/%7Csrc/fs%7Chist/fs/exec.c • CWE-667: Improper Locking •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

30 Sep 2005 — The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus. • http://secunia.com/advisories/17141 • CWE-399: Resource Management Errors •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

30 Sep 2005 — mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist. • http://secunia.com/advisories/17141 •