CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Linux : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2010-0003 200 DoS +Info 2010-01-26 2018-11-16
5.4
None Local Medium Not required Partial None Complete
The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address.
102 CVE-2009-2848 269 DoS +Priv Mem. Corr. 2009-08-18 2020-08-28
5.9
None Local Medium Not required Partial Partial Complete
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
103 CVE-2009-1265 189 Overflow +Info 2009-04-08 2012-03-23
5.0
None Remote Low Not required Partial None None
Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.
104 CVE-2008-2953 20 DoS 2008-07-01 2017-08-08
5.0
None Remote Low Not required None None Partial
Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via "partial file list requests" that trigger a NULL pointer dereference.
105 CVE-2007-3380 16 DoS 2007-07-20 2017-10-11
5.0
None Remote Low Not required None None Partial
The Distributed Lock Manager (DLM) in the cluster manager for Linux kernel 2.6.15 allows remote attackers to cause a denial of service (loss of lock services) by connecting to the DLM port, which probably prevents other processes from accessing the service.
106 CVE-2007-2451 +Info 2007-05-29 2018-10-30
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.
107 CVE-2007-1497 Bypass 2007-03-16 2017-10-11
5.0
None Remote Low Not required Partial None None
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.
108 CVE-2006-2934 399 DoS 2006-06-30 2018-10-18
5.0
None Remote Low Not required None None Partial
SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.
109 CVE-2006-2448 DoS 2006-06-23 2018-10-18
5.6
None Local High Not required Complete None Complete
Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and possibly read kernel memory on 32-bit systems (signal_32.c).
110 CVE-2006-2446 DoS 2006-08-15 2017-10-11
5.4
None Remote High Not required None None Complete
Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests from the LTP test suite.
111 CVE-2006-1527 DoS 2006-05-03 2017-10-11
5.0
None Remote Low Not required None None Partial
The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function.
112 CVE-2006-1242 Bypass 2006-03-15 2018-10-18
5.0
None Remote Low Not required Partial None None
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks.
113 CVE-2006-0454 399 DoS 2006-02-07 2018-10-19
5.0
None Remote Low Not required None None Partial
Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value.
114 CVE-2005-4798 DoS Overflow 2005-12-31 2017-10-11
5.0
None Remote Low Not required None None Partial
Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client.
115 CVE-2005-4635 DoS 2005-12-31 2011-03-08
5.0
None Remote Low Not required None None Partial
The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages.
116 CVE-2005-3623 264 Bypass 2005-12-31 2017-10-11
5.0
None Remote Low Not required Partial None None
nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.
117 CVE-2005-3273 264 2005-10-21 2018-10-19
5.0
None Remote Low Not required None Partial None
The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats.
118 CVE-2005-3272 2005-10-21 2018-10-03
5.0
None Remote Low Not required None Partial None
Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.
119 CVE-2005-3180 +Info 2005-10-12 2018-10-19
5.0
None Remote Low Not required Partial None None
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.
120 CVE-2005-2872 DoS 2005-09-09 2018-10-19
5.0
None Remote Low Not required None None Partial
The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads to memset calls using a length based on the u_int32_t type, acting on an array of unsigned long elements, a different vulnerability than CVE-2005-2873.
121 CVE-2005-2801 2005-09-06 2018-10-19
5.0
None Remote Low Not required None Partial None
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
122 CVE-2005-2548 399 DoS 2005-08-12 2018-10-03
5.0
None Remote Low Not required None None Partial
vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd.
123 CVE-2005-2459 476 DoS 2005-08-23 2018-10-19
5.0
None Remote Low Not required None None Partial
The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458.
124 CVE-2005-2458 DoS 2005-08-23 2018-10-19
5.0
None Remote Low Not required None None Partial
inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".
125 CVE-2005-2457 DoS 2005-08-23 2018-10-19
5.0
None Remote Low Not required None None Partial
The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system.
126 CVE-2005-2099 399 DoS 2005-08-23 2018-10-19
5.0
None Remote Low Not required None None Partial
The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null dereference in the keyring destructor.
127 CVE-2005-2098 DoS 2005-08-23 2018-10-19
5.0
None Remote Low Not required None None Partial
The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM.
128 CVE-2005-0176 2005-02-15 2017-10-11
5.0
None Remote Low Not required Partial None None
The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released.
129 CVE-2004-0816 DoS 2004-12-23 2017-07-11
5.0
None Remote Low Not required None None Partial
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
130 CVE-2004-0626 DoS 2004-12-06 2017-07-11
5.0
None Remote Low Not required None None Partial
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.
131 CVE-2004-0177 +Info 2004-06-01 2017-10-11
5.0
None Remote Low Not required Partial None None
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device.
132 CVE-2003-0619 DoS 2003-08-27 2017-10-11
5.0
None Remote Low Not required None None Partial
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
133 CVE-2003-0467 DoS 2003-08-27 2016-10-18
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, possibly due to an integer signedness error.
134 CVE-2003-0465 +Info 2003-08-18 2017-10-11
5.0
None Remote Low Not required Partial None None
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.
135 CVE-2003-0418 2003-07-24 2016-10-18
5.0
None Remote Low Not required Partial None None
The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses.
136 CVE-2003-0244 DoS 2003-05-27 2017-10-11
5.0
None Remote Low Not required None None Partial
The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions.
137 CVE-2003-0187 DoS 2003-08-27 2017-10-11
5.0
None Remote Low Not required None None Partial
The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts.
138 CVE-2003-0001 200 +Info 2003-01-17 2019-04-30
5.0
None Remote Low Not required Partial None None
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
139 CVE-2002-2438 287 2021-05-18 2021-07-30
5.0
None Remote Low Not required None None Partial
TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.
140 CVE-2002-0704 2002-07-26 2016-10-18
5.0
None Remote Low Not required Partial None None
The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.
141 CVE-2002-0510 2002-08-12 2008-09-05
5.0
None Remote Low Not required Partial None None
The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux.
142 CVE-2002-0046 2002-01-31 2017-10-10
5.0
None Remote Low Not required Partial None None
Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet.
143 CVE-2001-1244 DoS 2001-07-07 2018-10-30
5.0
None Remote Low Not required None None Partial
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
144 CVE-2001-0851 Bypass 2001-12-06 2017-10-10
5.0
None Remote Low Not required Partial None None
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
145 CVE-2000-0344 DoS 2000-05-01 2008-09-10
5.0
None Remote Low Not required None None Partial
The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value.
146 CVE-2000-0289 2000-03-27 2008-09-10
5.0
None Remote Low Not required Partial None None
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
147 CVE-1999-1339 DoS 1999-12-31 2016-10-18
5.0
None Remote Low Not required None None Partial
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.
148 CVE-1999-1225 1997-08-24 2017-12-19
5.0
None Remote Low Not required Partial None None
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.
149 CVE-1999-0986 DoS 1999-12-08 2008-09-09
5.0
None Remote Low Not required None None Partial
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
150 CVE-1999-0804 DoS 1999-06-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
Total number of vulnerabilities : 159   Page : 1 2 3 (This Page)4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.