CVSS: 7.8EPSS: 90%CPEs: 172EXPL: 1CVE-2006-2444 – Linux Kernel < 2.6.16.18 - Netfilter NAT SNMP Module Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-2444
25 May 2006 — The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite. • https://www.exploit-db.com/exploits/1880 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2006-1862
https://notcve.org/view.php?id=CVE-2006-1862
24 May 2006 — The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of service (panic) by running lsof a large number of times in a way that produces a heavy system load. • http://osvdb.org/31663 •
CVSS: 9.1EPSS: 10%CPEs: 135EXPL: 0CVE-2006-1857
https://notcve.org/view.php?id=CVE-2006-1857
22 May 2006 — Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 10%CPEs: 135EXPL: 0CVE-2006-1858
https://notcve.org/view.php?id=CVE-2006-1858
22 May 2006 — SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.17 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 2%CPEs: 78EXPL: 0CVE-2006-1856
https://notcve.org/view.php?id=CVE-2006-1856
19 May 2006 — Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions. • http://lists.jammed.com/linux-security-module/2005/09/0019.html •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0039
https://notcve.org/view.php?id=CVE-2006-0039
19 May 2006 — Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE. • http://bugs.gentoo.org/show_bug.cgi?id=133465 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2006-1855
https://notcve.org/view.php?id=CVE-2006-1855
18 May 2006 — choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process. • http://secunia.com/advisories/20237 •
CVSS: 5.5EPSS: 0%CPEs: 105EXPL: 0CVE-2006-1528
https://notcve.org/view.php?id=CVE-2006-1528
18 May 2006 — Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space. El kernel de Linux en versiones anteriores a 2.6.13 permite a usuarios locales provocar una denegación de servicio (caída) a través de una transferencia dio desde el controlador sg al espacio de memoria asignada (mmap) IO. • http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.1 • CWE-20: Improper Input Validation •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2006-1860
https://notcve.org/view.php?id=CVE-2006-1860
12 May 2006 — lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack. • http://secunia.com/advisories/20083 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-1859
https://notcve.org/view.php?id=CVE-2006-1859
12 May 2006 — Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an "uninitialised return value," aka "slab leak." • http://secunia.com/advisories/20083 •