Linux ≫ Linux Kernel

Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices.

mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges.

The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users.

IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets.

Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.

In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection.

Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service.

super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.

Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.