CVE-2005-2801
- EPSS 3.37%
- Veröffentlicht 06.09.2005 17:03:00
- Zuletzt bearbeitet 16.06.2026 22:15:42
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
- EPSS 3.2%
- Veröffentlicht 23.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:14:14
The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore...
- EPSS 3.28%
- Veröffentlicht 23.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:14:14
The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which caus...
- EPSS 3.71%
- Veröffentlicht 23.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:14:55
The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system.
- EPSS 3.96%
- Veröffentlicht 23.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:14:55
inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".
- EPSS 4.63%
- Veröffentlicht 23.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:14:55
The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointe...
CVE-2005-2617
- EPSS 0.34%
- Veröffentlicht 17.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:18
The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit applicat...
CVE-2005-2555
- EPSS 0.45%
- Veröffentlicht 16.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:11
Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.
- EPSS 3%
- Veröffentlicht 12.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:10
vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk o...
CVE-2005-2553
- EPSS 0.55%
- Veröffentlicht 12.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:11
The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace pr...