CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0037
https://notcve.org/view.php?id=CVE-2006-0037
23 Jan 2006 — ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows local users to cause a denial of service (memory corruption or crash) via a crafted outbound packet that causes an incorrect offset to be calculated from pointer arithmetic when non-linear SKBs (socket buffers) are used. • http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=03b9feca89366952ae5dfe4ad8107b1ece50b710 •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2006-0036
https://notcve.org/view.php?id=CVE-2006-0036
23 Jan 2006 — ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows remote attackers to cause a denial of service (memory corruption or crash) via an inbound PPTP_IN_CALL_REQUEST packet that causes a null pointer to be used in an offset calculation. • http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=15db34702cfafd24acc60295cf14861e497502ab •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-0035
https://notcve.org/view.php?id=CVE-2006-0035
11 Jan 2006 — The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to cause a denial of service (infinite loop) via a nlmsg_len field of 0. • http://secunia.com/advisories/18482 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 47EXPL: 0CVE-2006-0095
https://notcve.org/view.php?id=CVE-2006-0095
06 Jan 2006 — dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key. dm-crypt en el kernel de Linux 2.6.15 y versiones anteriores no borra una estructura antes de ser liberada, lo que lleva a una divulgación de memoria que puede permitir a usuarios locales obtener información sensible de una clave criptográfica. • http://marc.info/?l=linux-kernel&m=113640535312572&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 114EXPL: 0CVE-2006-0096
https://notcve.org/view.php?id=CVE-2006-0096
06 Jan 2006 — wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to exploit, since it is protected by CAP_NET_ADMIN; thus it might not be a vulnerability, although capabilities provide finer distinctions between privilege levels. • http://linux.bkbits.net:8080/linux-2.4/cset%401.1448.91.23?nav=index.html%7Csrc/%7Csrc/drivers%7Csrc/drivers/net%7Csrc/drivers/net/wan%7Crelated/drivers/net/wan/sdla.c •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3356
https://notcve.org/view.php?id=CVE-2005-3356
31 Dec 2005 — The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attack vectors. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169130 •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2005-4605 – Linux Kernel < 2.6.14.6 - 'procfs' Kernel Memory Disclosure
https://notcve.org/view.php?id=CVE-2005-4605
31 Dec 2005 — The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value. • https://www.exploit-db.com/exploits/9363 •
CVSS: 5.5EPSS: 0%CPEs: 60EXPL: 0CVE-2005-0489
https://notcve.org/view.php?id=CVE-2005-0489
31 Dec 2005 — The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory. • http://kernel.debian.net/debian/pool/main/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4_ia64.changes •
CVSS: 5.5EPSS: 0%CPEs: 87EXPL: 1CVE-2005-3359
https://notcve.org/view.php?id=CVE-2005-3359
31 Dec 2005 — The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules. • http://linux.bkbits.net:8080/linux-2.6/cset%404339c66aLroC1_zunYKhEIbtIWrnwg •
CVSS: 9.1EPSS: 1%CPEs: 1EXPL: 0CVE-2005-3623
https://notcve.org/view.php?id=CVE-2005-3623
31 Dec 2005 — nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems. • http://lists.suse.de/archive/suse-security-announce/2006-Feb/0010.html • CWE-862: Missing Authorization •