CVE-2006-1055
- EPSS 0.58%
- Veröffentlicht 05.04.2006 17:04:00
- Zuletzt bearbeitet 16.06.2026 22:21:56
The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash...
CVE-2006-1624
- EPSS 2.78%
- Veröffentlicht 05.04.2006 10:04:00
- Zuletzt bearbeitet 16.06.2026 22:23:19
The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses.
CVE-2006-1066
- EPSS 0.34%
- Veröffentlicht 27.03.2006 00:02:00
- Zuletzt bearbeitet 16.06.2026 22:21:57
Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK sta...
- EPSS 6.01%
- Veröffentlicht 23.03.2006 23:06:00
- Zuletzt bearbeitet 16.06.2026 22:22:32
Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to b...
CVE-2006-0038
- EPSS 0.4%
- Veröffentlicht 22.03.2006 20:06:00
- Zuletzt bearbeitet 16.06.2026 22:19:46
Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.
CVE-2006-1342
- EPSS 0.71%
- Veröffentlicht 21.03.2006 18:02:00
- Zuletzt bearbeitet 16.06.2026 22:22:28
net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive me...
CVE-2006-1343
- EPSS 0.42%
- Veröffentlicht 21.03.2006 18:02:00
- Zuletzt bearbeitet 16.06.2026 22:22:28
net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGIN...
- EPSS 3.43%
- Veröffentlicht 15.03.2006 17:06:00
- Zuletzt bearbeitet 16.06.2026 22:22:17
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which b...
CVE-2006-0457
- EPSS 2.73%
- Veröffentlicht 14.03.2006 02:02:00
- Zuletzt bearbeitet 16.06.2026 22:20:38
Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time t...
CVE-2006-0557
- EPSS 0.46%
- Veröffentlicht 12.03.2006 21:02:00
- Zuletzt bearbeitet 16.06.2026 22:20:50
sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors.