CVSS: 9.8EPSS: 10%CPEs: 135EXPL: 0CVE-2006-1858
https://notcve.org/view.php?id=CVE-2006-1858
22 May 2006 — SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.17 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 2%CPEs: 78EXPL: 0CVE-2006-1856
https://notcve.org/view.php?id=CVE-2006-1856
19 May 2006 — Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions. • http://lists.jammed.com/linux-security-module/2005/09/0019.html •
CVSS: 5.5EPSS: 0%CPEs: 105EXPL: 0CVE-2006-1528
https://notcve.org/view.php?id=CVE-2006-1528
18 May 2006 — Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space. El kernel de Linux en versiones anteriores a 2.6.13 permite a usuarios locales provocar una denegación de servicio (caída) a través de una transferencia dio desde el controlador sg al espacio de memoria asignada (mmap) IO. • http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.1 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 148EXPL: 0CVE-2006-1052
https://notcve.org/view.php?id=CVE-2006-1052
05 May 2006 — The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process. La lógica selinux_ptrace en hooks.c en SELinux para Linux 2.6.6 permite a usuarios locales con permisos ptrace cambiar el trazador SID a un SID de otro proceso. • http://marc.info/?l=git-commits-head&m=114210002712363&w=2 •
CVSS: 7.1EPSS: 0%CPEs: 157EXPL: 0CVE-2006-2071
https://notcve.org/view.php?id=CVE-2006-2071
27 Apr 2006 — Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6 •
CVSS: 6.2EPSS: 0%CPEs: 143EXPL: 0CVE-2006-1056
https://notcve.org/view.php?id=CVE-2006-1056
20 Apr 2006 — The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsiste... • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc • CWE-310: Cryptographic Issues •
CVSS: 9.1EPSS: 0%CPEs: 138EXPL: 0CVE-2006-0744
https://notcve.org/view.php?id=CVE-2006-0744
18 Apr 2006 — Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 80EXPL: 0CVE-2006-0558 – ia64 crash
https://notcve.org/view.php?id=CVE-2006-0558
14 Apr 2006 — perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function. perfmon (perfmon.c) en kernel de Linux en arquitecturas IA64 permiten a usuarios locales provocar una denegación de servicio (caída) mediante la interrupción de una tarea mientras otro proceso está accediendo al mm_struct, lo que desencadena una acción BUG_ON... • http://marc.info/?l=linux-ia64&m=113882384921688 •
CVSS: 5.5EPSS: 0%CPEs: 74EXPL: 0CVE-2006-1066
https://notcve.org/view.php?id=CVE-2006-1066
27 Mar 2006 — Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call. El kernel de Linux 2.6.16-rc2 y versiones anteriores cuando se ejecutan sistemas x86_64 con prioridad activada, permite a usuarios locales provocar una denegación de servicio (oops) a través de múltiples tareas ptrace que re... • http://marc.info/?l=linux-kernel&m=113932292516359&w=2 •
CVSS: 9.1EPSS: 0%CPEs: 79EXPL: 0CVE-2006-0038
https://notcve.org/view.php?id=CVE-2006-0038
22 Mar 2006 — Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. • http://secunia.com/advisories/19330 • CWE-189: Numeric Errors •