Low
CVE-2001-1399
Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86."
Tag: Linux Kernel
All CVEs associated with "Linux Kernel". Page 167/168 • 20117 CVEs.
Subscribe CVEs: RSS for “Linux Kernel” · RSS (High+Critical only)
About “Linux Kernel”
A curated feed of “Linux Kernel”-related CVEs appears below. We currently track 20117 CVEs for this tag (all time). In the last 365 days, 6176 were published. Average CVSS is 6.4 (all time; 6.4 over 365d), and 35% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-476 - NULL Pointer Dereference, CWE-401 - Missing Release of Memory after Effective Lifetime, CWE-416 - Use After Free.
In our taxonomy this topic maps to a MODERATE impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2001-04-17
Low
CVE-2001-1400
Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock).
2001-04-11
High
CVE-2001-1467
mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers t…
2001-03-26
High
CVE-2001-0172
Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name.
Critical
CVE-2001-0181
Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands.
High
CVE-2001-0195
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
2001-03-12
Medium
CVE-2000-0314
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay…
Medium
CVE-2000-0315
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
Medium
CVE-2001-0107
Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang.
2001-02-12
Low
CVE-2001-0069
dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack.
Low
CVE-2001-0073
Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory.
Low
CVE-2001-1273
The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, when running on certain Intel CPUs, allows local users to cause a denial of service (system halt).
2001-01-09
High
CVE-2000-1095
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
Medium
CVE-2000-1107
in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.
High
CVE-2000-1125
restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to po…
Medium
CVE-2000-1135
fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack.
Medium
CVE-2000-1136
elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows local users to overwrite files of other users via a symlink attack.
High
CVE-2000-1183
Buffer overflow in socks5 server on Linux allows attackers to execute arbitrary commands via a long connection request.
High
CVE-2000-1189
Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges.
2000-12-19
High
CVE-2000-0934
Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack.
Medium
CVE-2000-0956
cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.
2000-12-11
High
CVE-2000-1009
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse…
Critical
CVE-2000-1042
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
Critical
CVE-2000-1043
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog(…
Critical
CVE-2000-1044
Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges.
High
CVE-2000-1059
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X…
2000-11-14
Low
CVE-2000-0829
The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/.
Low
CVE-2000-0866
Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes.
High
CVE-2000-0867
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
Medium
CVE-2000-0868
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
Medium
CVE-2000-0869
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.
Medium
CVE-2000-0883
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that…
2000-10-20
Medium
CVE-2000-0031
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
Medium
CVE-2000-0698
Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack.
High
CVE-2000-0712
Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to gain root privileges when LIDS is disabled via the security=0 boot option.
High
CVE-2000-0714
umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files.
Low
CVE-2000-0715
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.
Critical
CVE-2000-0747
The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it.
High
CVE-2000-0749
Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via long filenames in the linux shadow file system.
Critical
CVE-2000-0800
String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.
2000-10-18
High
CVE-2000-1213
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to…
Medium
CVE-2000-1214
Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain…
2000-10-06
Low
CVE-2000-0816
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.
2000-09-30
High
CVE-2000-1207
userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format str…
2000-09-28
Medium
CVE-2000-0354
mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local target directory.
2000-08-08
Medium
CVE-2000-0545
Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter.
2000-07-27
Low
CVE-2000-0667
Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.
Medium
CVE-2000-0668
pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.
2000-07-18
Low
CVE-2000-0633
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
2000-07-16
Critical
CVE-2000-0666
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
2000-07-10
Critical
CVE-2000-0614
Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed output.
2000-07-03
High
CVE-2000-0566
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
2000-06-22
Medium
CVE-2000-0617
Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long USER environmental variable.
Medium
CVE-2000-0618
Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long DISPLAY environmental variable.
2000-06-21
Medium
CVE-2000-0602
Secure Locate (slocate) in Red Hat Linux allows local users to gain privileges via a malformed configuration file that is specified in the LOCATE_PATH environmental variable.
Medium
CVE-2000-0604
gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.
High
CVE-2000-0606
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
High
CVE-2000-0607
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
2000-06-09
Critical
CVE-2000-0506
The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges,…
2000-06-01
High
CVE-2000-0467
Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function.
2000-05-29
High
CVE-2000-0454
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.
2000-05-27
High
CVE-2000-0460
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable.
2000-05-22
High
CVE-2000-0438
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
2000-05-03
High
CVE-2000-0378
The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allow…
2000-05-02
Low
CVE-2000-0293
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa…
2000-05-01
Medium
CVE-2000-0344
The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value.
2000-04-29
High
CVE-2000-0340
Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable.
2000-04-27
High
CVE-1999-0706
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
2000-04-24
Critical
CVE-2000-0248
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
2000-04-21
Low
CVE-2000-0336
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
2000-04-16
Low
CVE-2000-0263
The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request.
2000-04-10
Low
CVE-2000-0274
The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name.
2000-03-27
Medium
CVE-2000-0289
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established…
2000-03-23
Low
CVE-2000-0227
The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of…
2000-03-16
High
CVE-2000-0231
Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges.
2000-03-15
Critical
CVE-2000-0233
SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges.
2000-03-11
High
CVE-2000-0171
atsadc in the atsar package for Linux does not properly check the permissions of an output file, which allows local users to gain root privileges.
2000-03-09
Low
CVE-2000-0184
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.
2000-03-05
Medium
CVE-2000-0206
The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges.
2000-03-02
High
CVE-2000-0193
The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges.
2000-02-28
High
CVE-2000-0186
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
High
CVE-2000-0196
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.
2000-02-26
High
CVE-2000-0170
Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
2000-02-24
High
CVE-2000-0194
buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters.
High
CVE-2000-0195
setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.
2000-02-05
High
CVE-2000-0145
The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.
2000-02-03
High
CVE-2000-0218
Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.
2000-02-02
High
CVE-2000-0112
The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation.
2000-02-01
High
CVE-2000-0107
Linux apcd program allows local attackers to modify arbitrary files via a symlink attack.
2000-01-12
High
CVE-2000-0048
get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program.
2000-01-08
Critical
CVE-2000-1220
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, a…
Critical
CVE-2000-1221
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server…
2000-01-04
Critical
CVE-1999-0894
Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.
1999-12-31
High
CVE-1999-1327
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
High
CVE-1999-1328
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.
High
CVE-1999-1329
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
Low
CVE-1999-1331
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the…
Low
CVE-1999-1332
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
High
CVE-1999-1333
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to b…
Medium
CVE-1999-1335
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
Medium
CVE-1999-1339
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic…
1999-12-21
Critical
CVE-2000-0017
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
1999-12-08
Medium
CVE-1999-0986
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
1999-12-03
High
CVE-2000-0357
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
Medium
CVE-2000-0358
ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.
1999-12-02
Low
CVE-2000-0366
dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files.
1999-11-25
High
CVE-1999-0317
Buffer overflow in Linux su command gives root access to local users.
1999-11-23
Low
CVE-2000-0531
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
1999-11-19
Medium
CVE-1999-0831
Denial of service in Linux syslogd via a large number of connections.
1999-11-09
Critical
CVE-1999-0832
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
1999-10-22
Medium
CVE-1999-1341
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices.
High
CVE-2000-0362
Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges.
Medium
CVE-2000-0363
Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory.
1999-10-13
Medium
CVE-2000-0356
Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts.
1999-10-08
Medium
CVE-2000-0369
The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service.
1999-10-07
High
CVE-1999-1346
PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has…
Medium
CVE-1999-1347
Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.
1999-09-28
Medium
CVE-1999-1352
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges.
1999-09-16
Critical
CVE-1999-0704
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
1999-08-25
High
CVE-1999-0769
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.