CVE-2007-0771
- EPSS 0.38%
- Veröffentlicht 02.05.2007 22:19:00
- Zuletzt bearbeitet 16.06.2026 22:36:15
The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c.
CVE-2007-1353
- EPSS 0.41%
- Veröffentlicht 24.04.2007 16:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:24
The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function...
CVE-2007-2172
- EPSS 0.43%
- Veröffentlicht 22.04.2007 19:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:04
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, I...
CVE-2007-1357
- EPSS 13.53%
- Veröffentlicht 11.04.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:25
The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON c...
CVE-2007-1734
- EPSS 0.73%
- Veröffentlicht 28.03.2007 22:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:12
The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a ...
CVE-2007-1730
- EPSS 0.77%
- Veröffentlicht 28.03.2007 10:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:11
Integer signedness error in the DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service (oops) via a negative optlen value.
CVE-2007-1592
- EPSS 0.41%
- Veröffentlicht 22.03.2007 19:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:55
net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6...
CVE-2007-1496
- EPSS 0.43%
- Veröffentlicht 16.03.2007 22:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:42
nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) brid...
- EPSS 3.02%
- Veröffentlicht 16.03.2007 22:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:42
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fr...
CVE-2007-1000
- EPSS 1.1%
- Veröffentlicht 12.03.2007 23:19:00
- Zuletzt bearbeitet 16.06.2026 22:36:43
The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.