Linux

Linux Kernel

16156 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.58%
  • Veröffentlicht 05.04.2006 17:04:00
  • Zuletzt bearbeitet 16.06.2026 22:21:56

The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash...

  • EPSS 2.78%
  • Veröffentlicht 05.04.2006 10:04:00
  • Zuletzt bearbeitet 16.06.2026 22:23:19

The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses.

  • EPSS 0.34%
  • Veröffentlicht 27.03.2006 00:02:00
  • Zuletzt bearbeitet 16.06.2026 22:21:57

Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK sta...

  • EPSS 6.01%
  • Veröffentlicht 23.03.2006 23:06:00
  • Zuletzt bearbeitet 16.06.2026 22:22:32

Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to b...

  • EPSS 0.4%
  • Veröffentlicht 22.03.2006 20:06:00
  • Zuletzt bearbeitet 16.06.2026 22:19:46

Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.

  • EPSS 0.71%
  • Veröffentlicht 21.03.2006 18:02:00
  • Zuletzt bearbeitet 16.06.2026 22:22:28

net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive me...

  • EPSS 0.42%
  • Veröffentlicht 21.03.2006 18:02:00
  • Zuletzt bearbeitet 16.06.2026 22:22:28

net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGIN...

  • EPSS 3.43%
  • Veröffentlicht 15.03.2006 17:06:00
  • Zuletzt bearbeitet 16.06.2026 22:22:17

The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which b...

  • EPSS 2.73%
  • Veröffentlicht 14.03.2006 02:02:00
  • Zuletzt bearbeitet 16.06.2026 22:20:38

Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time t...

  • EPSS 0.46%
  • Veröffentlicht 12.03.2006 21:02:00
  • Zuletzt bearbeitet 16.06.2026 22:20:50

sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors.