Linux » Linux Kernel » 2.6.13.1 : Security Vulnerabilities, CVEs, Published In 2005 (Denial of service)
The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function.
Max CVSS
4.9
EPSS Score
0.06%
Published
2005-12-31
Updated
2017-10-11
Buffer overflow in the CA-driver (dst_ca.c) for TwinHan DST Frontend/Card in Linux kernel 2.6.12 and other versions before 2.6.15 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by "reading more than 8 bytes into an 8 byte long array".
Max CVSS
4.6
EPSS Score
0.06%
Published
2005-12-31
Updated
2018-10-03
The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages.
Max CVSS
5.0
EPSS Score
3.36%
Published
2005-12-31
Updated
2011-03-08
Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified.
Max CVSS
3.6
EPSS Score
0.04%
Published
2005-12-31
Updated
2018-10-03
The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function.
Max CVSS
4.9
EPSS Score
0.04%
Published
2005-11-27
Updated
2018-10-19
Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system.
Max CVSS
4.9
EPSS Score
0.04%
Published
2005-11-25
Updated
2018-10-03
Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.
Max CVSS
4.9
EPSS Score
0.04%
Published
2005-11-25
Updated
2018-10-19
The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges.
Max CVSS
4.9
EPSS Score
0.06%
Published
2005-11-23
Updated
2018-10-19
Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process to become a zombie, or closing the file descriptor without closing an associated reference.
Max CVSS
4.9
EPSS Score
0.07%
Published
2005-12-22
Updated
2017-07-11
The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules.
Max CVSS
4.9
EPSS Score
0.13%
Published
2005-12-31
Updated
2023-02-13
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
Max CVSS
4.9
EPSS Score
0.04%
Published
2005-12-14
Updated
2023-02-13
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption).
Max CVSS
2.1
EPSS Score
0.07%
Published
2005-10-12
Updated
2024-01-26
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference.
Max CVSS
2.1
EPSS Score
0.16%
Published
2005-09-26
Updated
2018-10-19
The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-11-20
Updated
2018-10-19
14 vulnerabilities found