Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-4623

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-11 Sep, 2006 | 17:00
Updated At-07 Aug, 2024 | 19:14
Rejected At-
Credits

The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:11 Sep, 2006 | 17:00
Updated At:07 Aug, 2024 | 19:14
Rejected At:
▼CVE Numbering Authority (CNA)

The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://lkml.org/lkml/2006/8/20/278
mailing-list
x_refsource_MLIST
http://www.novell.com/linux/security/advisories/2006_79_kernel.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/22441
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/22292
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2006-0689.html
vendor-advisory
x_refsource_REDHAT
http://www.securityfocus.com/archive/1/448998/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9775
vdb-entry
signature
x_refsource_OVAL
http://www.securityfocus.com/bid/19939
vdb-entry
x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDKSA-2006:182
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/22382
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/3551
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/23474
third-party-advisory
x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-489-1
vendor-advisory
x_refsource_UBUNTU
http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm
x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/471457
mailing-list
x_refsource_BUGTRAQ
https://issues.rpath.com/browse/RPL-721
x_refsource_CONFIRM
http://secunia.com/advisories/22945
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2007/dsa-1304
vendor-advisory
x_refsource_DEBIAN
http://secunia.com/advisories/25714
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21820
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/25691
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/26139
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lkml.org/lkml/2006/8/20/278
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.novell.com/linux/security/advisories/2006_79_kernel.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/22441
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/22292
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0689.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.securityfocus.com/archive/1/448998/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9775
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.securityfocus.com/bid/19939
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:182
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/22382
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/3551
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/23474
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.ubuntu.com/usn/usn-489-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/archive/1/471457
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: https://issues.rpath.com/browse/RPL-721
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/22945
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2007/dsa-1304
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://secunia.com/advisories/25714
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21820
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/25691
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/26139
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://lkml.org/lkml/2006/8/20/278
mailing-list
x_refsource_MLIST
x_transferred
http://www.novell.com/linux/security/advisories/2006_79_kernel.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/22441
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/22292
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0689.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.securityfocus.com/archive/1/448998/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9775
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.securityfocus.com/bid/19939
vdb-entry
x_refsource_BID
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:182
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/22382
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/3551
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/23474
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.ubuntu.com/usn/usn-489-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/archive/1/471457
mailing-list
x_refsource_BUGTRAQ
x_transferred
https://issues.rpath.com/browse/RPL-721
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/22945
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2007/dsa-1304
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://secunia.com/advisories/25714
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21820
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/25691
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/26139
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lkml.org/lkml/2006/8/20/278
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006_79_kernel.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/22441
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/22292
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0689.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/448998/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9775
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.securityfocus.com/bid/19939
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:182
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/22382
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/3551
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/23474
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-489-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/471457
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-721
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/22945
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2007/dsa-1304
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://secunia.com/advisories/25714
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21820
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/25691
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/26139
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:11 Sep, 2006 | 17:04
Updated At:03 Apr, 2025 | 01:03

The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.17.8
cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

There is a patch available for the affected product release.

Vendor Statements
Organization : Red Hat
Last Modified : 2006-09-21T00:00:00

Red Hat is aware of this issue and is tracking it via the following bug for Red Hat Enterprise Linux 4: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204912 This issue does not affect Red Hat Enterprise Linux 2.1 or 3.

References
HyperlinkSourceResource
http://lkml.org/lkml/2006/8/20/278cve@mitre.org
Patch
http://secunia.com/advisories/21820cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/22292cve@mitre.org
N/A
http://secunia.com/advisories/22382cve@mitre.org
N/A
http://secunia.com/advisories/22441cve@mitre.org
N/A
http://secunia.com/advisories/22945cve@mitre.org
N/A
http://secunia.com/advisories/23474cve@mitre.org
N/A
http://secunia.com/advisories/25691cve@mitre.org
N/A
http://secunia.com/advisories/25714cve@mitre.org
N/A
http://secunia.com/advisories/26139cve@mitre.org
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-249.htmcve@mitre.org
N/A
http://www.debian.org/security/2007/dsa-1304cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:182cve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2006_79_kernel.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2006-0689.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/448998/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/471457cve@mitre.org
N/A
http://www.securityfocus.com/bid/19939cve@mitre.org
Patch
http://www.ubuntu.com/usn/usn-489-1cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/3551cve@mitre.org
N/A
https://issues.rpath.com/browse/RPL-721cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9775cve@mitre.org
N/A
http://lkml.org/lkml/2006/8/20/278af854a3a-2127-422b-91ae-364da2661108
Patch
http://secunia.com/advisories/21820af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/22292af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22382af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22441af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/22945af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/23474af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/25691af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/25714af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/26139af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-249.htmaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2007/dsa-1304af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:182af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2006_79_kernel.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0689.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/448998/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/471457af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/19939af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.ubuntu.com/usn/usn-489-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/3551af854a3a-2127-422b-91ae-364da2661108
N/A
https://issues.rpath.com/browse/RPL-721af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9775af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://lkml.org/lkml/2006/8/20/278
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://secunia.com/advisories/21820
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22292
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22382
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22441
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22945
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/23474
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/25691
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/25714
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/26139
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2007/dsa-1304
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:182
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2006_79_kernel.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0689.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/448998/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/471457
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19939
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.ubuntu.com/usn/usn-489-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/3551
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-721
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9775
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lkml.org/lkml/2006/8/20/278
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://secunia.com/advisories/21820
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22292
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/22382
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/22441
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/22945
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/23474
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/25691
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/25714
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/26139
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2007/dsa-1304
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:182
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2006_79_kernel.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0689.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/448998/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/471457
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19939
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.ubuntu.com/usn/usn-489-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/3551
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-721
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9775
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

138Records found
CVE-2019-19053
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.42% / 61.25%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:23
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.

Action-Not Available
Vendor-n/aBroadcom Inc.NetApp, Inc.Linux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxfas\/aff_baseboard_management_controllercloud_backupsolidfire_\&_hci_management_nodeactive_iq_unified_managerhci_baseboard_management_controllerhci_compute_nodesolidfire_baseboard_management_controlleraff_baseboard_management_controllersteelstore_cloud_integrated_storagelinux_kernele-series_santricity_os_controllersolidfire\,_enterprise_sds_\&_hci_storage_nodehci_compute_node_firmwaresolidfire_baseboard_management_controller_firmwarebrocade_fabric_operating_system_firmwaredata_availability_servicesn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-19075
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.84% / 73.87%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:24
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-19050
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.91% / 74.88%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:23
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Broadcom Inc.NetApp, Inc.Linux Kernel Organization, Inc
Product-ubuntu_linuxfas8700_firmwarehci_storage_nodeactive_iq_unified_managerfas8300aff_a400_firmwareh610s_firmwarehci_compute_nodeaff_a700ssolidfiresteelstore_cloud_integrated_storageh610slinux_kernelhci_management_nodeaff_a700s_firmwarefedorae-series_santricity_os_controlleraff_a400fabric_operating_systemfas8700fas8300_firmwaredata_availability_servicesn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-19078
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.34% / 86.79%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:24
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-19064
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.52% / 65.64%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:24
Updated-05 May, 2025 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control these failures at probe time

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora Project
Product-linux_kernelfedoran/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-19071
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.95% / 75.44%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:24
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2010-0148
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.33% / 79.17%
||
7 Day CHG~0.00%
Published-23 Feb, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via "a series of TCP packets."

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCisco Systems, Inc.
Product-linux_kernelsecurity_agentn/a
CVE-2019-19074
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.57% / 67.75%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:24
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-19070
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.68% / 70.60%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:24
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, Inc
Product-fedoralinux_kerneln/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2012-0207
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-13.17% / 93.87%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, Inc
Product-linux_kernelenterprise_linux_eusn/a
CWE ID-CWE-369
Divide By Zero
CVE-2019-18813
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.24% / 78.45%
||
7 Day CHG~0.00%
Published-07 Nov, 2019 | 15:28
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-18810
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.22% / 78.24%
||
7 Day CHG~0.00%
Published-07 Nov, 2019 | 15:29
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-18680
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.70% / 81.51%
||
7 Day CHG~0.00%
Published-04 Nov, 2019 | 14:13
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock() in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2011-4913
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.95% / 75.47%
||
7 Day CHG~0.00%
Published-21 Jun, 2012 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.

Action-Not Available
Vendor-n/aNovellLinux Kernel Organization, Inc
Product-linux_kernelsuse_linux_enterprise_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-3359
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.85% / 73.97%
||
7 Day CHG~0.00%
Published-24 May, 2012 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system crash) via a crafted frame.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2189
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-10.90% / 93.12%
||
7 Day CHG~0.00%
Published-10 Oct, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-linux_kernelenterprise_linuxdebian_linuxubuntu_linuxenterprise_mrgn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2011-2699
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.75% / 72.20%
||
7 Day CHG~0.00%
Published-24 May, 2012 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, Inc
Product-linux_kernelenterprise_linuxenterprise_mrgn/a
CVE-2011-2482
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.17% / 77.79%
||
7 Day CHG~0.00%
Published-08 Jun, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2011-1093
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-1.22% / 78.28%
||
7 Day CHG~0.00%
Published-18 Jul, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelenterprise_linux_workstationenterprise_linux_serverenterprise_linux_desktopenterprise_linux_ausenterprise_linux_eusn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-15916
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.62% / 85.11%
||
7 Day CHG~0.00%
Published-04 Sep, 2019 | 14:58
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2011-0709
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.32% / 84.17%
||
7 Day CHG~0.00%
Published-18 Feb, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2010-4805
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.80% / 73.17%
||
7 Day CHG~0.00%
Published-26 May, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_alloc socket field. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4251.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelenterprise_linuxn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2010-4251
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.15% / 83.57%
||
7 Day CHG~0.00%
Published-26 May, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.

Action-Not Available
Vendor-n/aRed Hat, Inc.VMware (Broadcom Inc.)Linux Kernel Organization, Inc
Product-linux_kernelenterprise_linuxesxn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2010-2248
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-2.31% / 84.16%
||
7 Day CHG~0.00%
Published-07 Sep, 2010 | 16:30
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite2 functions.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-12615
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.02% / 83.06%
||
7 Day CHG~0.00%
Published-03 Jun, 2019 | 21:58
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-h610slinux_kernelcn1610hci_management_nodeactive_iq_unified_managerh610s_firmwarecn1610_firmwareaff_a700s_firmwareaff_a700ssolidfiren/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-11810
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.45% / 80.00%
||
7 Day CHG~0.00%
Published-07 May, 2019 | 13:04
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-416
Use After Free
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2010-4164
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-2.00% / 82.90%
||
7 Day CHG~0.00%
Published-03 Jan, 2011 | 19:26
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873.

Action-Not Available
Vendor-n/aSUSELinux Kernel Organization, IncDebian GNU/LinuxopenSUSE
Product-linux_kernelopensusedebian_linuxlinux_enterprise_software_development_kitlinux_enterprise_serverlinux_enterprise_real_time_extensionlinux_enterprise_desktopn/a
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2010-3432
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-4.32% / 88.47%
||
7 Day CHG~0.00%
Published-20 Nov, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncSUSEDebian GNU/LinuxCanonical Ltd.openSUSE
Product-linux_kernelubuntu_linuxopensusedebian_linuxlinux_enterprise_real_time_extensionn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-2243
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.79% / 72.92%
||
7 Day CHG~0.00%
Published-07 Nov, 2019 | 16:43
Updated-07 Aug, 2024 | 02:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS.

Action-Not Available
Vendor-linux-2.6Linux Kernel Organization, Inc
Product-linux_kernellinux-2.6
CWE ID-CWE-20
Improper Input Validation
CVE-2010-0437
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-3.24% / 86.61%
||
7 Day CHG~0.00%
Published-24 Mar, 2010 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2010-0741
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-2.11% / 83.41%
||
7 Day CHG~0.00%
Published-12 Apr, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO).

Action-Not Available
Vendor-kvm_qumranetn/aLinux Kernel Organization, IncQEMU
Product-linux_kernelqemukvmn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2009-4020
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-4.85% / 89.13%
||
7 Day CHG~0.00%
Published-04 Dec, 2009 | 21:00
Updated-07 Aug, 2024 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-4026
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-1.29% / 78.86%
||
7 Day CHG~0.00%
Published-02 Dec, 2009 | 16:00
Updated-07 Aug, 2024 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch."

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2009-3726
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-5.82% / 90.18%
||
7 Day CHG~0.00%
Published-09 Nov, 2009 | 19:00
Updated-07 Aug, 2024 | 06:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-399
Not Available
CVE-2009-1389
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-5.52% / 89.88%
||
7 Day CHG~0.00%
Published-16 Jun, 2009 | 23:00
Updated-07 Aug, 2024 | 05:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-kernellinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-1250
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-5.85% / 90.20%
||
7 Day CHG~0.00%
Published-09 Apr, 2009 | 00:00
Updated-07 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.

Action-Not Available
Vendor-openafsn/aIBM CorporationLinux Kernel Organization, Inc
Product-openafsafslinux_kerneln/a
CWE ID-CWE-189
Not Available
CVE-2013-7445
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-1.13% / 77.43%
||
7 Day CHG~0.00%
Published-16 Oct, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2017-12545
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-15.51% / 94.41%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

Action-Not Available
Vendor-Microsoft CorporationHewlett Packard Enterprise (HPE)HP Inc.Linux Kernel Organization, Inc
Product-windowssystem_management_homepagelinux_kernelSystem Management Homepage for Windows and Linux
CWE ID-CWE-476
NULL Pointer Dereference
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found