Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function.
Max CVSS
4.4
EPSS Score
0.04%
Published
2004-12-31
Updated
2008-09-05
Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service (memory consumption) via certain O_DIRECT (direct IO) write requests.
Max CVSS
4.9
EPSS Score
0.06%
Published
2004-12-31
Updated
2018-10-30
A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-31
Updated
2010-04-02
The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does not drop those permissions when it exits, which allows other processes to access the per-TSS pointers, access restricted memory locations, and possibly gain privileges.
Max CVSS
7.5
EPSS Score
0.71%
Published
2004-12-31
Updated
2017-07-11
Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files.
Max CVSS
2.6
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-02-19
dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
Max CVSS
2.1
EPSS Score
0.07%
Published
2004-02-19
Updated
2016-10-18
cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
Max CVSS
2.1
EPSS Score
0.10%
Published
2004-05-26
Updated
2016-10-18
Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory.
Max CVSS
7.8
EPSS Score
0.04%
Published
2004-12-31
Updated
2024-02-08
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-15
Updated
2017-10-11
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-15
Updated
2018-10-03
load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL.
Max CVSS
2.1
EPSS Score
40.71%
Published
2004-12-31
Updated
2017-10-11
Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-10-11
Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors.
Max CVSS
10.0
EPSS Score
1.38%
Published
2004-12-31
Updated
2017-10-11
Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors.
Max CVSS
4.6
EPSS Score
0.04%
Published
2004-12-31
Updated
2008-09-05
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
Max CVSS
7.5
EPSS Score
3.48%
Published
2004-12-23
Updated
2024-02-08
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.
Max CVSS
1.2
EPSS Score
0.12%
Published
2004-12-23
Updated
2017-10-11
Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.
Max CVSS
4.6
EPSS Score
0.04%
Published
2004-12-23
Updated
2017-10-11
Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-08-06
Updated
2017-07-11
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.
Max CVSS
5.0
EPSS Score
1.30%
Published
2004-12-06
Updated
2017-07-11
The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-08-06
Updated
2017-07-11
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-06
Updated
2017-10-11
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
Max CVSS
2.1
EPSS Score
0.05%
Published
2004-08-06
Updated
2017-10-11
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-08-06
Updated
2017-10-11
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-06
Updated
2017-10-11
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-12-06
Updated
2018-10-30
50 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!