Linux ≫ Linux Kernel

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.

In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection.

Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service.

super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.

Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.

Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.

Denial of service in Linux 2.2.0 running the ldd command on a core file.

Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port.

A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.

The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.