CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Linux » Linux Kernel : Security Vulnerabilities Published In 2005

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2005-4811 DoS 2005-12-31 2017-10-10
4.9
None Local Low Not required None None Complete
The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function.
2 CVE-2005-4798 DoS Overflow 2005-12-31 2017-10-10
5.0
None Remote Low Not required None None Partial
Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client.
3 CVE-2005-4639 DoS Exec Code Overflow 2005-12-31 2017-07-19
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in the CA-driver (dst_ca.c) for TwinHan DST Frontend/Card in Linux kernel 2.6.12 and other versions before 2.6.15 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by "reading more than 8 bytes into an 8 byte long array".
4 CVE-2005-4635 DoS 2005-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages.
5 CVE-2005-4618 DoS Overflow 2005-12-31 2009-11-12
3.6
None Local Low Not required None Partial Partial
Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified.
6 CVE-2005-4605 2005-12-31 2017-10-10
2.1
None Local Low Not required Partial None None
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.
7 CVE-2005-4352 Bypass 2005-12-31 2017-07-19
2.1
None Local Low Not required None Partial None
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap."
8 CVE-2005-4351 Bypass 2005-12-31 2017-07-19
4.3
None Local Low Single system Partial Partial Partial
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.
9 CVE-2005-3858 DoS 2005-11-27 2017-10-10
7.8
None Remote Low Not required None None Complete
Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might allow attackers to cause a denial of service via malformed IPv6 packets with unspecified parameter problems, which prevents the SKB from being freed.
10 CVE-2005-3857 399 DoS 2005-11-27 2017-10-10
4.9
None Local Low Not required None None Complete
The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function.
11 CVE-2005-3848 DoS 2005-11-26 2017-10-10
7.8
None Remote Low Not required None None Complete
Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply."
12 CVE-2005-3847 DoS 2005-11-26 2016-10-17
4.0
None Local High Not required None None Complete
The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump.
13 CVE-2005-3810 DoS 2005-11-25 2016-10-17
7.8
None Remote Low Not required None None Complete
ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which leads to a null dereference.
14 CVE-2005-3809 DoS 2005-11-25 2016-10-17
7.8
None Remote Low Not required None None Complete
The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via an update message without private protocol information, which triggers a null dereference.
15 CVE-2005-3808 DoS Overflow 2005-11-25 2010-04-02
4.9
None Local Low Not required None None Complete
Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system.
16 CVE-2005-3807 DoS 2005-11-25 2016-10-17
4.9
None Local Low Not required None None Complete
Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.
17 CVE-2005-3806 399 DoS 2005-11-25 2017-10-10
6.6
None Local Low Not required None Complete Complete
The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.
18 CVE-2005-3805 DoS 2005-11-25 2010-04-02
4.9
None Local Low Not required None None Complete
A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service (deadlock) involving process CPU timers.
19 CVE-2005-3784 399 DoS +Priv 2005-11-23 2017-10-10
4.9
None Local Low Not required None None Complete
The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges.
20 CVE-2005-3783 DoS 2005-11-23 2010-04-02
4.9
None Local Low Not required None None Complete
The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14.2, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, which allows local users to cause a denial of service (crash).
21 CVE-2005-3753 DoS 2005-11-22 2008-09-05
7.8
None Remote Low Not required None None Complete
Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker.
22 CVE-2005-3660 DoS 2005-12-22 2017-07-10
4.9
None Local Low Not required None None Complete
Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process to become a zombie, or closing the file descriptor without closing an associated reference.
23 CVE-2005-3623 264 Bypass 2005-12-31 2017-10-10
5.0
None Remote Low Not required Partial None None
nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.
24 CVE-2005-3527 DoS 2005-11-08 2010-04-02
4.0
None Local High Not required None None Complete
Race condition in do_coredump in signal.c in Linux kernel 2.6 allows local users to cause a denial of service by triggering a core dump in one thread while another thread has a pending SIGSTOP.
25 CVE-2005-3359 DoS 2005-12-31 2017-10-10
4.9
None Local Low Not required None None Complete
The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules.
26 CVE-2005-3358 DoS 2005-12-14 2017-10-10
4.9
None Local Low Not required None None Complete
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
27 CVE-2005-3356 DoS 2005-12-31 2017-10-10
2.1
None Local Low Not required None None Partial
The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attack vectors.
28 CVE-2005-3276 +Info 2005-10-20 2017-10-10
2.1
None Local Low Not required Partial None None
The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.
29 CVE-2005-3275 DoS Mem. Corr. 2005-10-20 2017-10-10
2.6
None Remote High Not required None None Partial
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption.
30 CVE-2005-3274 DoS 2005-10-20 2017-10-10
1.2
None Local High Not required None None Partial
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired.
31 CVE-2005-3273 264 2005-10-20 2017-10-10
5.0
None Remote Low Not required None Partial None
The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats.
32 CVE-2005-3272 2005-10-20 2017-10-10
5.0
None Remote Low Not required None Partial None
Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.
33 CVE-2005-3271 DoS 2005-10-20 2017-02-19
2.1
None Local Low Not required None None Partial
Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specified by the quota for a single user.
34 CVE-2005-3257 264 +Priv 2005-10-18 2017-10-10
4.6
User Local Low Not required Partial Partial Partial
The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.
35 CVE-2005-3181 399 DoS 2005-10-12 2017-10-10
2.1
None Local Low Not required None None Partial
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).
36 CVE-2005-3180 +Info 2005-10-12 2017-10-10
5.0
None Remote Low Not required Partial None None
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.
37 CVE-2005-3179 264 +Info 2005-10-12 2017-02-19
2.1
None Local Low Not required Partial None None
drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.
38 CVE-2005-3119 399 DoS 2005-10-12 2017-10-10
2.1
None Local Low Not required None None Partial
Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.
39 CVE-2005-3110 DoS 2005-09-30 2017-10-10
2.6
None Remote High Not required None None Partial
Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service (crash) via a series of packets that cause a value to be modified after it has been read but before it has been locked.
40 CVE-2005-3109 399 DoS 2005-09-30 2017-10-10
2.1
None Local Low Not required None None Partial
The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus.
41 CVE-2005-3108 DoS +Info 2005-09-30 2017-10-10
2.1
None Local Low Not required None None Partial
mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist.
42 CVE-2005-3107 DoS 2005-09-30 2017-10-10
2.1
None Local Low Not required None None Partial
fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state.
43 CVE-2005-3106 DoS 2005-09-30 2017-10-10
1.2
None Local High Not required None None Partial
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.
44 CVE-2005-3105 DoS 2005-09-30 2017-10-10
2.1
None Local Low Not required None None Partial
The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito processors does not properly maintain cache coherency as required by the architecture, which allows local users to cause a denial of service and possibly corrupt data by modifying PTE protections.
45 CVE-2005-3055 20 DoS 2005-09-26 2017-10-10
2.1
None Local Low Not required None None Partial
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference.
46 CVE-2005-3053 DoS 2005-09-26 2017-10-10
2.1
None Local Low Not required None None Partial
The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument.
47 CVE-2005-3044 DoS 2005-09-22 2017-10-10
2.1
None Local Low Not required None None Partial
Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on 64-bit systems.
48 CVE-2005-2973 DoS 2005-10-27 2017-10-10
2.1
None Local Low Not required None None Partial
The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).
49 CVE-2005-2873 2005-09-09 2017-10-10
2.1
None Local Low Not required None None Partial
The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent netfilter rules to block too early, a different vulnerability than CVE-2005-2872.
50 CVE-2005-2872 DoS 2005-09-09 2017-10-10
5.0
None Remote Low Not required None None Partial
The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads to memset calls using a length based on the u_int32_t type, acting on an array of unsigned long elements, a different vulnerability than CVE-2005-2873.
Total number of vulnerabilities : 133   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.