Linux : Security Vulnerabilities, CVEs, Published In May 2007
The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a kernel_dirent struct and cause a denial of service (system crash) via unknown vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-05-29
Updated
2017-10-11
The embedded Linux kernel in certain Sun-Brocade SilkWorm switches before 20070516 does not properly handle a situation in which a non-root user creates a kernel process, which allows attackers to cause a denial of service (oops and device reboot) via unspecified vectors.
Max CVSS
7.8
EPSS Score
0.65%
Published
2007-05-18
Updated
2019-08-14
Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-05-08
Updated
2017-10-11
The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applications.
Max CVSS
4.6
EPSS Score
0.04%
Published
2007-05-03
Updated
2008-11-13
Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.
Max CVSS
5.0
EPSS Score
1.76%
Published
2007-05-29
Updated
2018-10-30
The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow.
Max CVSS
4.9
EPSS Score
0.08%
Published
2007-05-07
Updated
2018-10-16
The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-05-02
Updated
2017-10-11
The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs").
Max CVSS
4.0
EPSS Score
0.04%
Published
2007-05-14
Updated
2017-10-11
8 vulnerabilities found