CVSS: 4.9EPSS: 0%CPEs: 138EXPL: 0CVE-2006-0744
https://notcve.org/view.php?id=CVE-2006-0744
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5 http://lwn.net/Alerts/180820 http://secunia.com/advisories/19639 http://secunia.com/advisories/19735 http://secunia.com/advisories/20157 http://secunia.com/advisories/20237 http://secunia.com/advisories/20398 http://secunia.com/advisories/20716 http://secunia.com/advisories/20914 http://secunia.com/advisories/21136 http://secunia.com/advisories/21179 http://secunia.com/advisories/21498 http://secunia. • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 80EXPL: 0CVE-2006-0558 – ia64 crash
https://notcve.org/view.php?id=CVE-2006-0558
perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function. perfmon (perfmon.c) en kernel de Linux en arquitecturas IA64 permiten a usuarios locales provocar una denegación de servicio (caída) mediante la interrupción de una tarea mientras otro proceso está accediendo al mm_struct, lo que desencadena una acción BUG_ON en la función put_page_testzero. • http://marc.info/?l=linux-ia64&m=113882384921688 http://secunia.com/advisories/19737 http://secunia.com/advisories/20914 http://secunia.com/advisories/26709 http://www.debian.org/security/2006/dsa-1103 http://www.redhat.com/support/errata/RHSA-2007-0774.html http://www.securityfocus.com/bid/17482 http://www.vupen.com/english/advisories/2006/1444 http://www.vupen.com/english/advisories/2006/2554 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=185082 https:// •
CVSS: 1.2EPSS: 0%CPEs: 74EXPL: 0CVE-2006-1066
https://notcve.org/view.php?id=CVE-2006-1066
Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call. El kernel de Linux 2.6.16-rc2 y versiones anteriores cuando se ejecutan sistemas x86_64 con prioridad activada, permite a usuarios locales provocar una denegación de servicio (oops) a través de múltiples tareas ptrace que realizan pasos individuales, lo que pueden provocar la corrupción de la pila DEBUG_STACK durante la llamada a la función do_debug. • http://marc.info/?l=linux-kernel&m=113932292516359&w=2 http://secunia.com/advisories/19374 http://secunia.com/advisories/19955 http://secunia.com/advisories/21614 http://www.debian.org/security/2006/dsa-1017 http://www.mandriva.com/security/advisories?name=MDKSA-2006:151 http://www.osvdb.org/24098 http://www.securityfocus.com/bid/17216 https://usn.ubuntu.com/281-1 •
CVSS: 6.9EPSS: 0%CPEs: 79EXPL: 0CVE-2006-0038
https://notcve.org/view.php?id=CVE-2006-0038
Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. • http://secunia.com/advisories/19330 http://secunia.com/advisories/20671 http://secunia.com/advisories/20716 http://secunia.com/advisories/20914 http://secunia.com/advisories/21465 http://secunia.com/advisories/22417 http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://www.debian.org/security/2006/dsa-1097 http://www.debian.org/security/2006/dsa-1103 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee4bb818ae35f68d1f848eae0a • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 1%CPEs: 156EXPL: 0CVE-2006-1242
https://notcve.org/view.php?id=CVE-2006-1242
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks. • http://secunia.com/advisories/19402 http://secunia.com/advisories/19955 http://secunia.com/advisories/20157 http://secunia.com/advisories/20398 http://secunia.com/advisories/20671 http://secunia.com/advisories/20914 http://secunia.com/advisories/21136 http://secunia.com/advisories/21465 http://secunia.com/advisories/21983 http://secunia.com/advisories/22417 http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm http://support.avaya.com/elmodocs2/security/ASA-2006-200. •