CVSS: 2.1EPSS: 0%CPEs: 14EXPL: 1CVE-2005-2800 – Linux Kernel 2.6.x - SCSI ProcFS Denial of Service
https://notcve.org/view.php?id=CVE-2005-2800
Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error. • https://www.exploit-db.com/exploits/26248 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/18510 http://secunia.com/advisories/19374 http://www.debian.org/security/2006/dsa-1017 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=729d70f5dfd663b44bca68a4479c96bde7e535d6 http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 htt • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 2%CPEs: 63EXPL: 0CVE-2005-2098
https://notcve.org/view.php?id=CVE-2005-2098
The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 http://secunia.com/advisories/16355 http://secunia.com/advisories/17073 http://www.mandriva.com/security/advisories?name=MDKSA-2005:220 http://www.redhat.com/support/errata/RHSA-2005-514.html http://www.securityfocus.com/archive/1/427980/100/0/threaded http://www.securityfocus.com/bid/14521 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9638 https://usn.ubuntu.com/169-1 •
CVSS: 5.0EPSS: 5%CPEs: 63EXPL: 0CVE-2005-2457
https://notcve.org/view.php?id=CVE-2005-2457
The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 http://secunia.com/advisories/16355 http://secunia.com/advisories/16500 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/19369 http://secunia.com/advisories/19374 http://www.debian.org/security/2006/dsa-1017 http://www.debian.org/security/2006/dsa-1018 http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 http://www.mandriva.com/security/advis •
CVSS: 5.0EPSS: 12%CPEs: 63EXPL: 0CVE-2005-2458
https://notcve.org/view.php?id=CVE-2005-2458
inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables". • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 http://secunia.com/advisories/16355 http://secunia.com/advisories/16500 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/18056 http://secunia.com/advisories/18059 http://secunia.com/advisories/18510 http://secunia.com/advisories/18684 http://secunia.com/advisories/19252 http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html http://www.debian •
CVSS: 5.0EPSS: 4%CPEs: 64EXPL: 0CVE-2005-2459
https://notcve.org/view.php?id=CVE-2005-2459
The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458. • http://bugs.gentoo.org/show_bug.cgi?id=94584 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 http://secunia.com/advisories/16355 http://secunia.com/advisories/16500 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/18056 http://secunia.com/advisories/18059 http://www.debian.org/security/2005/dsa-921 http://www.debian.org/security/2005/dsa-922 http://www.mandriva.com/security/advisories?name=MDKSA&# • CWE-476: NULL Pointer Dereference •