CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-0036
https://notcve.org/view.php?id=CVE-2006-0036
23 Jan 2006 — ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows remote attackers to cause a denial of service (memory corruption or crash) via an inbound PPTP_IN_CALL_REQUEST packet that causes a null pointer to be used in an offset calculation. • http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=15db34702cfafd24acc60295cf14861e497502ab •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-0035
https://notcve.org/view.php?id=CVE-2006-0035
11 Jan 2006 — The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to cause a denial of service (infinite loop) via a nlmsg_len field of 0. • http://secunia.com/advisories/18482 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 47EXPL: 0CVE-2006-0095
https://notcve.org/view.php?id=CVE-2006-0095
06 Jan 2006 — dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key. dm-crypt en el kernel de Linux 2.6.15 y versiones anteriores no borra una estructura antes de ser liberada, lo que lleva a una divulgación de memoria que puede permitir a usuarios locales obtener información sensible de una clave criptográfica. • http://marc.info/?l=linux-kernel&m=113640535312572&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 114EXPL: 0CVE-2006-0096 – Mandriva Linux Security Advisory 2006.116
https://notcve.org/view.php?id=CVE-2006-0096
06 Jan 2006 — wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to exploit, since it is protected by CAP_NET_ADMIN; thus it might not be a vulnerability, although capabilities provide finer distinctions between privilege levels. A ridiculous number of vulnerabilities were discovered and corrected in the L... • http://linux.bkbits.net:8080/linux-2.4/cset%401.1448.91.23?nav=index.html%7Csrc/%7Csrc/drivers%7Csrc/drivers/net%7Csrc/drivers/net/wan%7Crelated/drivers/net/wan/sdla.c •
CVSS: 7.5EPSS: 0%CPEs: 70EXPL: 0CVE-2005-4798
https://notcve.org/view.php?id=CVE-2005-4798
31 Dec 2005 — Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client. • http://secunia.com/advisories/20398 •
CVSS: 7.5EPSS: 1%CPEs: 175EXPL: 0CVE-2005-4635
https://notcve.org/view.php?id=CVE-2005-4635
31 Dec 2005 — The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages. • http://secunia.com/advisories/18216 •
CVSS: 5.5EPSS: 0%CPEs: 60EXPL: 0CVE-2005-0489 – Debian Linux Security Advisory 1067-1
https://notcve.org/view.php?id=CVE-2005-0489
31 Dec 2005 — The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory. Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. • http://kernel.debian.net/debian/pool/main/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4_ia64.changes •
CVSS: 5.5EPSS: 0%CPEs: 80EXPL: 2CVE-2005-4352 – rt-sa-2005-16.txt
https://notcve.org/view.php?id=CVE-2005-4352
31 Dec 2005 — The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap." The implementations of securelevels on NetBSD and Linux contain an integer overflow, allowing the protection of system time to ... • http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041178.html •
CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0CVE-2005-0136
https://notcve.org/view.php?id=CVE-2005-0136
31 Dec 2005 — The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. • http://lists.alioth.debian.org/pipermail/kernel-svn-changes/2005-August/002597.html •
CVSS: 7.1EPSS: 0%CPEs: 72EXPL: 0CVE-2005-4618 – Mandriva Linux Security Advisory 2006.116
https://notcve.org/view.php?id=CVE-2005-4618
31 Dec 2005 — Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified. A ridiculous number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15 •