CVE & Exploit Intelligence Database

CVE-2005-3358 1 PoC Analysis EPSS 0.00

Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.

Dec 14, 2005

CVE-2005-3858 EPSS 0.02

Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might allow attackers to cause a denial of service via malformed IPv6 packets with unspecified parameter problems, which prevents the SKB from being freed.

Nov 27, 2005

CVE-2005-3857 1 PoC Analysis EPSS 0.00

The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function.

CWE-399 Nov 27, 2005

CVE-2005-3847 5.5 MEDIUM EPSS 0.00

The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump.

CWE-667 Nov 27, 2005

CVE-2005-3848 EPSS 0.07

Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply."

Nov 27, 2005

CVE-2005-3806 EPSS 0.00

The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.

CWE-399 Nov 25, 2005

CVE-2005-3807 1 PoC Analysis EPSS 0.00

Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.

Nov 25, 2005

CVE-2005-3808 1 PoC Analysis EPSS 0.00

Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system.

Nov 25, 2005

CVE-2005-3805 EPSS 0.00

A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service (deadlock) involving process CPU timers.

Nov 25, 2005

CVE-2005-3810 EPSS 0.00

ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which leads to a null dereference.

Nov 25, 2005

CVE-2005-3809 EPSS 0.00

The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via an update message without private protocol information, which triggers a null dereference.

Nov 25, 2005

CVE-2005-3783 EPSS 0.00

The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14.2, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, which allows local users to cause a denial of service (crash).

Nov 23, 2005

CVE-2005-3784 EPSS 0.00

The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges.

CWE-399 Nov 23, 2005

CVE-2005-3753 EPSS 0.00

Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker.

Nov 22, 2005

CVE-2005-2709 1 PoC Analysis EPSS 0.00

The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.

CWE-399 Nov 20, 2005

CVE-2005-3527 EPSS 0.00

Race condition in do_coredump in signal.c in Linux kernel 2.6 allows local users to cause a denial of service by triggering a core dump in one thread while another thread has a pending SIGSTOP.

Nov 09, 2005

CVE-2005-2973 1 PoC Analysis EPSS 0.00

The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).

Oct 27, 2005

CVE-2005-2708 EPSS 0.00

The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a process using the bash ulimit -v command.

CWE-399 Oct 25, 2005

CVE-2005-3272 EPSS 0.02

Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.

Oct 21, 2005

CVE-2005-3273 EPSS 0.03

The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats.

CWE-264 Oct 21, 2005