CVSS: 2.1EPSS: 0%CPEs: 62EXPL: 0CVE-2005-2873
https://notcve.org/view.php?id=CVE-2005-2873
09 Sep 2005 — The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent netfilter rules to block too early, a different vulnerability than CVE-2005-2872. • http://blog.blackdown.de/2005/05/09/fixing-the-ipt_recent-netfilter-module •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2005-2801
https://notcve.org/view.php?id=CVE-2005-2801
06 Sep 2005 — xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied. • http://acl.bestbits.at/pipermail/acl-devel/2005-February/001848.html • CWE-697: Incorrect Comparison •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 1CVE-2005-2800 – Linux Kernel 2.6.x - SCSI ProcFS Denial of Service
https://notcve.org/view.php?id=CVE-2005-2800
06 Sep 2005 — Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error. • https://www.exploit-db.com/exploits/26248 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 1%CPEs: 63EXPL: 0CVE-2005-2098
https://notcve.org/view.php?id=CVE-2005-2098
22 Aug 2005 — The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 •
CVSS: 6.2EPSS: 15%CPEs: 63EXPL: 0CVE-2005-2458
https://notcve.org/view.php?id=CVE-2005-2458
22 Aug 2005 — inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables". • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 •
CVSS: 5.5EPSS: 1%CPEs: 63EXPL: 0CVE-2005-2099
https://notcve.org/view.php?id=CVE-2005-2099
22 Aug 2005 — The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null dereference in the keyring destructor. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 5%CPEs: 63EXPL: 0CVE-2005-2457
https://notcve.org/view.php?id=CVE-2005-2457
22 Aug 2005 — The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 •
CVSS: 6.2EPSS: 9%CPEs: 64EXPL: 0CVE-2005-2459
https://notcve.org/view.php?id=CVE-2005-2459
22 Aug 2005 — The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458. • http://bugs.gentoo.org/show_bug.cgi?id=94584 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-2617
https://notcve.org/view.php?id=CVE-2005-2617
17 Aug 2005 — The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers. • http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9fb1759a3102c26cd8f64254a7c3e532782c2bb8 •
CVSS: 9.1EPSS: 0%CPEs: 65EXPL: 0CVE-2005-2555
https://notcve.org/view.php?id=CVE-2005-2555
16 Aug 2005 — Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c. • http://secunia.com/advisories/17002 • CWE-264: Permissions, Privileges, and Access Controls •