Linux ≫ Linux Kernel

KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.

KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.

Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it.

Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.

Nestea variation of teardrop IP fragmentation denial of service.

Linux bdash game has a buffer overflow that allows local users to gain root access.

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

Denial of service of inetd on Linux through SYN and RST packets.

File creation and deletion, and remote execution, in the BSD line printer daemon (lpd).

Linux implementations of TFTP would allow access to files outside the restricted directory.