| Definition ID | Class | Title | Last Modified |
|---|
| oval:org.mitre.oval:def:9307 | V | Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem. | 2013-04-29 |
| oval:org.mitre.oval:def:9552 | V | The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats. | 2013-04-29 |
| oval:org.mitre.oval:def:9647 | V | The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a 64-bit executable program. | 2013-04-29 |
| oval:org.mitre.oval:def:9770 | V | Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value. | 2013-04-29 |
| oval:org.mitre.oval:def:9795 | V | Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. | 2013-04-29 |
| oval:org.mitre.oval:def:9890 | V | Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call. | 2013-04-29 |
| oval:org.mitre.oval:def:10275 | V | The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | 2013-04-29 |
| oval:org.mitre.oval:def:10329 | V | The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device. | 2013-04-29 |
| oval:org.mitre.oval:def:10336 | V | The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | 2013-04-29 |
| oval:org.mitre.oval:def:10444 | V | Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c. | 2013-04-29 |
| oval:org.mitre.oval:def:10481 | V | Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users execute arbitrary code by calling sendmsg and modifying the message contents in another thread. | 2013-04-29 |
| oval:org.mitre.oval:def:10487 | V | Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function. | 2013-04-29 |
| oval:org.mitre.oval:def:10630 | V | The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address. | 2013-04-29 |
| oval:org.mitre.oval:def:10858 | V | Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p-dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock-sk_policy array. | 2013-04-29 |
| oval:org.mitre.oval:def:11101 | V | traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception). | 2013-04-29 |
| oval:org.mitre.oval:def:11117 | V | Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow. | 2013-04-29 |
| oval:org.mitre.oval:def:11119 | V | ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash). | 2013-04-29 |
| oval:org.mitre.oval:def:11628 | V | The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | 2013-04-29 |
| oval:org.mitre.oval:def:11690 | V | The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow. | 2013-04-29 |
| oval:org.mitre.oval:def:11723 | V | Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired. | 2013-04-29 |