Max CVSS 8.3 Min CVSS 2.1 Total Count46
IDCVSSSummaryLast (major) updatePublished
CVE-2017-7482 7.2
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This
30-07-2018 - 10:29 30-07-2018 - 10:29
CVE-2017-2618 4.9
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.
27-07-2018 - 15:29 27-07-2018 - 15:29
CVE-2016-9604 2.1
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass mod
11-07-2018 - 09:29 11-07-2018 - 09:29
CVE-2017-1000405 6.9
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario br
30-11-2017 - 17:29 30-11-2017 - 17:29
CVE-2017-12190 4.9
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them int
22-11-2017 - 13:29 22-11-2017 - 13:29
CVE-2017-16650 7.2
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
07-11-2017 - 18:29 07-11-2017 - 18:29
CVE-2017-16527 7.2
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
03-11-2017 - 21:29 03-11-2017 - 21:29
CVE-2017-15649 4.6
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) t
19-10-2017 - 18:29 19-10-2017 - 18:29
CVE-2017-12192 4.9
The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial
11-10-2017 - 20:29 11-10-2017 - 20:29
CVE-2017-1000112 6.9
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-1000111 7.2
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-12154 3.6
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allow
26-09-2017 - 01:29 26-09-2017 - 01:29
CVE-2017-14489 4.9
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
15-09-2017 - 06:29 15-09-2017 - 06:29
CVE-2017-1000251 8.3
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remot
12-09-2017 - 13:29 12-09-2017 - 13:29
CVE-2017-14106 4.9
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code pat
01-09-2017 - 12:29 01-09-2017 - 12:29
CVE-2017-12134 7.2
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges
24-08-2017 - 10:29 24-08-2017 - 10:29
CVE-2017-10661 7.6
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel q
19-08-2017 - 14:29 19-08-2017 - 14:29
CVE-2017-7533 6.9
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_han
05-08-2017 - 12:29 05-08-2017 - 12:29
CVE-2017-7541 7.2
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a
25-07-2017 - 00:29 25-07-2017 - 00:29
CVE-2017-7542 4.9
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.
21-07-2017 - 12:29 21-07-2017 - 12:29
CVE-2017-11473 7.2
Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 4.12.2 allows local users to gain privileges via a crafted ACPI table.
20-07-2017 - 00:29 20-07-2017 - 00:29
CVE-2017-1000363 7.2
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, wher
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2017-11176 7.2
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possi
11-07-2017 - 19:29 11-07-2017 - 19:29
CVE-2017-8797 7.8
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering
02-07-2017 - 13:29 02-07-2017 - 13:29
CVE-2017-1000365 7.2
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-1000364 6.2
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-1000380 2.1
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed
17-06-2017 - 14:29 17-06-2017 - 14:29
CVE-2017-9242 4.9
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via craft
26-05-2017 - 21:29 26-05-2017 - 21:29
CVE-2017-9077 7.2
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related is
19-05-2017 - 10:29 19-05-2017 - 10:29
CVE-2017-9075 7.2
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related is
19-05-2017 - 03:29 19-05-2017 - 03:29
CVE-2017-9074 7.2
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly
19-05-2017 - 03:29 19-05-2017 - 03:29
CVE-2017-9059 4.9
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kerne
18-05-2017 - 02:29 18-05-2017 - 02:29
CVE-2016-10200 6.9
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a s
10-05-2017 - 21:29 07-03-2017 - 16:59
CVE-2017-8890 7.2
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.
10-05-2017 - 12:29 10-05-2017 - 12:29
CVE-2016-1575 7.2
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
08-05-2017 - 11:31 02-05-2016 - 06:59
CVE-2017-8831 7.2
The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain se
08-05-2017 - 02:29 08-05-2017 - 02:29
CVE-2017-7477 6.9
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in con
05-05-2017 - 09:20 25-04-2017 - 10:59
CVE-2017-7645 7.8
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.
28-04-2017 - 21:59 18-04-2017 - 10:59
CVE-2017-7889 7.2
The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation acces
21-04-2017 - 13:40 16-04-2017 - 20:59
CVE-2017-7618 7.8
crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
14-04-2017 - 21:08 10-04-2017 - 10:59
CVE-2017-2671 4.9
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (pani
11-04-2017 - 15:05 05-04-2017 - 02:59
CVE-2016-10318 4.0
A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a diff
11-04-2017 - 11:32 04-04-2017 - 12:59
CVE-2016-10044 7.2
The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup
09-02-2017 - 21:59 07-02-2017 - 02:59
CVE-2016-9191 4.9
The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted appl
30-01-2017 - 21:59 27-11-2016 - 22:59
CVE-2016-6213 4.7
fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by
30-12-2016 - 21:59 28-12-2016 - 02:59
CVE-2016-1576 7.2
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted s
06-05-2016 - 08:57 02-05-2016 - 06:59
Back to Top Mark selected
Back to Top