Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2005-3806

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-25 Nov, 2005 | 21:00
Updated At-07 Aug, 2024 | 23:24
Rejected At-
Credits

The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:25 Nov, 2005 | 21:00
Updated At:07 Aug, 2024 | 23:24
Rejected At:
▼CVE Numbering Authority (CNA)

The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.redhat.com/support/errata/RHSA-2006-0140.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/17917
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/18684
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/18977
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/advisories/9806
vendor-advisory
x_refsource_SUSE
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d
x_refsource_CONFIRM
http://secunia.com/advisories/19369
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/18203
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2006-0101.html
vendor-advisory
x_refsource_REDHAT
http://www.debian.org/security/2006/dsa-1018
vendor-advisory
x_refsource_DEBIAN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9903
vdb-entry
signature
x_refsource_OVAL
http://www.securityfocus.com/archive/1/419522/100/0/threaded
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/archive/1/428058/100/0/threaded
vendor-advisory
x_refsource_FEDORA
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044
vendor-advisory
x_refsource_MANDRIVA
http://www.securityfocus.com/archive/1/427981/100/0/threaded
vendor-advisory
x_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2006-0190.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/18510
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/15729
vdb-entry
x_refsource_BID
http://www.securityfocus.com/archive/1/428028/100/0/threaded
vendor-advisory
x_refsource_FEDORA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:018
vendor-advisory
x_refsource_MANDRIVA
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=bbbe80cdaf72a75a463aff9551e60b31e2f69061%3Bhp=f841bde30c18493a94fd5d522b84724a8eb82a4a%3Bhb=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d%3Bf=net/ipv6/ip6_flowlabel.c
x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2006:072
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/17918
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1017
vendor-advisory
x_refsource_DEBIAN
http://secunia.com/advisories/19374
third-party-advisory
x_refsource_SECUNIA
https://usn.ubuntu.com/231-1/
vendor-advisory
x_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2006-0191.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/18562
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0140.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/17917
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/18684
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/18977
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/advisories/9806
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/19369
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/18203
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0101.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.debian.org/security/2006/dsa-1018
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9903
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.securityfocus.com/archive/1/419522/100/0/threaded
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/archive/1/428058/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.securityfocus.com/archive/1/427981/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0190.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/18510
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/15729
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securityfocus.com/archive/1/428028/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:018
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=bbbe80cdaf72a75a463aff9551e60b31e2f69061%3Bhp=f841bde30c18493a94fd5d522b84724a8eb82a4a%3Bhb=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d%3Bf=net/ipv6/ip6_flowlabel.c
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:072
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/17918
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2006/dsa-1017
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://secunia.com/advisories/19374
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://usn.ubuntu.com/231-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0191.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/18562
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.redhat.com/support/errata/RHSA-2006-0140.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/17917
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/18684
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/18977
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/advisories/9806
vendor-advisory
x_refsource_SUSE
x_transferred
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/19369
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/18203
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0101.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.debian.org/security/2006/dsa-1018
vendor-advisory
x_refsource_DEBIAN
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9903
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.securityfocus.com/archive/1/419522/100/0/threaded
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/archive/1/428058/100/0/threaded
vendor-advisory
x_refsource_FEDORA
x_transferred
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.securityfocus.com/archive/1/427981/100/0/threaded
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0190.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/18510
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/15729
vdb-entry
x_refsource_BID
x_transferred
http://www.securityfocus.com/archive/1/428028/100/0/threaded
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:018
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=bbbe80cdaf72a75a463aff9551e60b31e2f69061%3Bhp=f841bde30c18493a94fd5d522b84724a8eb82a4a%3Bhb=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d%3Bf=net/ipv6/ip6_flowlabel.c
x_refsource_CONFIRM
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:072
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/17918
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2006/dsa-1017
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://secunia.com/advisories/19374
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://usn.ubuntu.com/231-1/
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0191.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/18562
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0140.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/17917
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/18684
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/18977
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/advisories/9806
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/19369
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/18203
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0101.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1018
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9903
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/419522/100/0/threaded
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/428058/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/427981/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0190.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/18510
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/15729
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/428028/100/0/threaded
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:018
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=bbbe80cdaf72a75a463aff9551e60b31e2f69061%3Bhp=f841bde30c18493a94fd5d522b84724a8eb82a4a%3Bhb=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d%3Bf=net/ipv6/ip6_flowlabel.c
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:072
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/17918
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1017
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://secunia.com/advisories/19374
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://usn.ubuntu.com/231-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0191.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/18562
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:25 Nov, 2005 | 21:03
Updated At:03 Apr, 2025 | 01:03

The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.6MEDIUM
AV:L/AC:L/Au:N/C:N/I:C/A:C
Type: Primary
Version: 2.0
Base score: 6.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:N/I:C/A:C
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.0
cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.1
cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.2
cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.3
cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.10
cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.11
cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.12
cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.13
cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.14
cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.15
cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.16
cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.17
cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.18
cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.18
cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.18
cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.18
cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.18
cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.18
cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.18
cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.18
cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.18
cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.18
cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.19
cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.19
cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.19
cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.19
cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.19
cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.19
cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.19
cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.20
cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.21
cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.21
cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.21
cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.21
cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.22
cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.22
cpe:2.3:o:linux:linux_kernel:2.4.22:pre10:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.23
cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.4.23
cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=bbbe80cdaf72a75a463aff9551e60b31e2f69061%3Bhp=f841bde30c18493a94fd5d522b84724a8eb82a4a%3Bhb=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d%3Bf=net/ipv6/ip6_flowlabel.ccve@mitre.org
N/A
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea6a8046bb49d43c950898f0cb4e1994ef6c89dcve@mitre.org
N/A
http://secunia.com/advisories/17917cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/17918cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/18203cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/18510cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/18562cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/18684cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/18977cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/19369cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/19374cve@mitre.org
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1017cve@mitre.org
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1018cve@mitre.org
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:018cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:072cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2006-0101.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2006-0140.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2006-0190.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2006-0191.htmlcve@mitre.org
N/A
http://www.securityfocus.com/advisories/9806cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/419522/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/427981/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/428028/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/428058/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/15729cve@mitre.org
N/A
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044cve@mitre.org
Patch
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9903cve@mitre.org
N/A
https://usn.ubuntu.com/231-1/cve@mitre.org
N/A
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=bbbe80cdaf72a75a463aff9551e60b31e2f69061%3Bhp=f841bde30c18493a94fd5d522b84724a8eb82a4a%3Bhb=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d%3Bf=net/ipv6/ip6_flowlabel.caf854a3a-2127-422b-91ae-364da2661108
N/A
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea6a8046bb49d43c950898f0cb4e1994ef6c89daf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/17917af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/17918af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/18203af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/18510af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/18562af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/18684af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/18977af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/19369af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/19374af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1017af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1018af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:018af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:072af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0101.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0140.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0190.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0191.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/advisories/9806af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/419522/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/427981/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/428028/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/428058/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/15729af854a3a-2127-422b-91ae-364da2661108
N/A
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9903af854a3a-2127-422b-91ae-364da2661108
N/A
https://usn.ubuntu.com/231-1/af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=bbbe80cdaf72a75a463aff9551e60b31e2f69061%3Bhp=f841bde30c18493a94fd5d522b84724a8eb82a4a%3Bhb=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d%3Bf=net/ipv6/ip6_flowlabel.c
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/17917
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17918
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18203
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18510
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18562
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18684
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18977
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19369
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19374
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2006/dsa-1017
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2006/dsa-1018
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:018
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:072
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0101.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0140.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0190.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0191.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/advisories/9806
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/419522/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/427981/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/428028/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/428058/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/15729
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9903
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://usn.ubuntu.com/231-1/
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=bbbe80cdaf72a75a463aff9551e60b31e2f69061%3Bhp=f841bde30c18493a94fd5d522b84724a8eb82a4a%3Bhb=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d%3Bf=net/ipv6/ip6_flowlabel.c
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea6a8046bb49d43c950898f0cb4e1994ef6c89d
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/17917
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/17918
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18203
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18510
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18562
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18684
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/18977
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19369
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/19374
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2006/dsa-1017
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.debian.org/security/2006/dsa-1018
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:018
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:072
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0101.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0140.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0190.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0191.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/advisories/9806
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/419522/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/427981/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/428028/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/428058/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/15729
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9903
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://usn.ubuntu.com/231-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

6Records found
CVE-2010-4605
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.16% / 37.52%
||
7 Day CHG~0.00%
Published-29 Dec, 2010 | 17:27
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows local users to overwrite arbitrary files via unknown vectors.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIBM Corporation
Product-linux_kerneltivoli_storage_managern/a
CVE-2010-2537
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.1||HIGH
EPSS-0.09% / 26.52%
||
7 Day CHG~0.00%
Published-30 Sep, 2010 | 14:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncSUSECanonical Ltd.
Product-linux_kernelubuntu_linuxsuse_linux_enterprise_desktopsuse_linux_enterprise_serverlinux_enterprise_high_availability_extensionn/a
CVE-2009-3939
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.43%
||
7 Day CHG~0.00%
Published-16 Nov, 2009 | 19:00
Updated-07 Aug, 2024 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.

Action-Not Available
Vendor-n/aopenSUSESUSEDebian GNU/LinuxRed Hat, Inc.Canonical Ltd.Avaya LLCLinux Kernel Organization, Inc
Product-enterprise_linux_serverubuntu_linuxlinux_enterprise_servervirtualizationaura_session_manageropensuseaura_communication_manageraura_sip_enablement_servicesaura_system_platformaura_application_enablement_servicesdebian_linuxlinux_kernelenterprise_linux_workstationenterprise_linux_euslinux_enterprise_desktopenterprise_linux_desktopaura_system_managervoice_portaln/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2009-3889
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.05% / 13.30%
||
7 Day CHG~0.00%
Published-16 Nov, 2009 | 19:00
Updated-07 Aug, 2024 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dbg_lvl file for the megaraid_sas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the (1) behavior and (2) logging level of the driver by modifying this file.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-264
Not Available
CVE-2017-1000255
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.40%
||
7 Day CHG~0.00%
Published-30 Oct, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On Linux running on PowerPC hardware (Power8 or later) a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception (interrupt), and use the r1 value *from the signal frame* as the kernel stack pointer. As part of the exception entry the content of the signal frame is written to the kernel stack, allowing an attacker to overwrite arbitrary locations with arbitrary values. The exception handling does produce an oops, and a panic if panic_on_oops=1, but only after kernel memory has been over written. This flaw was introduced in commit: "5d176f751ee3 (powerpc: tm: Enable transactional memory (TM) lazily for userspace)" which was merged upstream into v4.9-rc1. Please note that kernels built with CONFIG_PPC_TRANSACTIONAL_MEM=n are not vulnerable.

Action-Not Available
Vendor-n/aIBM CorporationLinux Kernel Organization, Inc
Product-powerpc_power9linux_kernelpowerpc_power8n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-12573
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.03% / 7.41%
||
7 Day CHG~0.00%
Published-11 Jul, 2019 | 19:31
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files. The openvpn_launcher binary is setuid root. This binary supports the --log option, which accepts a path as an argument. This parameter is not sanitized, which allows a local unprivileged user to overwrite arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user.

Action-Not Available
Vendor-londontrustmedian/aLinux Kernel Organization, IncApple Inc.
Product-private_internet_access_vpn_clientmacoslinux_kerneln/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
Details not found