Page 589 of 2995 results (0.030 seconds)

CVSS: 5.0EPSS: 2%CPEs: 63EXPL: 0

The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 http://secunia.com/advisories/16355 http://secunia.com/advisories/17073 http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 http://www.redhat.com/support/errata/RHSA-2005-514.html http://www.securityfocus.com/archive/1/427980/100/0/threaded http://www.securityfocus.com/bid/14521 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9638 https://usn.ubuntu.com/169-1 •

CVSS: 5.0EPSS: 5%CPEs: 63EXPL: 0

The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 http://secunia.com/advisories/16355 http://secunia.com/advisories/16500 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/19369 http://secunia.com/advisories/19374 http://www.debian.org/security/2006/dsa-1017 http://www.debian.org/security/2006/dsa-1018 http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 http://www.mandriva.com/security/advis •

CVSS: 5.0EPSS: 12%CPEs: 63EXPL: 0

inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables". • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 http://secunia.com/advisories/16355 http://secunia.com/advisories/16500 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/18056 http://secunia.com/advisories/18059 http://secunia.com/advisories/18510 http://secunia.com/advisories/18684 http://secunia.com/advisories/19252 http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html http://www.debian •

CVSS: 5.0EPSS: 4%CPEs: 64EXPL: 0

The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458. • http://bugs.gentoo.org/show_bug.cgi?id=94584 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 http://secunia.com/advisories/16355 http://secunia.com/advisories/16500 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/18056 http://secunia.com/advisories/18059 http://www.debian.org/security/2005/dsa-921 http://www.debian.org/security/2005/dsa-922 http://www.mandriva.com/security/advisories?name=MDKSA&# • CWE-476: NULL Pointer Dereference •

CVSS: 5.0EPSS: 2%CPEs: 63EXPL: 0

The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null dereference in the keyring destructor. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 http://secunia.com/advisories/16355 http://secunia.com/advisories/17073 http://securitytracker.com/id?1014644 http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 http://www.redhat.com/support/errata/RHSA-2005-514.html http://www.securityfocus.com/archive/1/427980/100/0/threaded http://www.securityfocus.com/bid/14517 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A907 • CWE-399: Resource Management Errors •