Max CVSS 10.0 Min CVSS 1.9 Total Count27
IDCVSSSummaryLast (major) updatePublished
CVE-2017-13167 7.2
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
06-12-2017 - 09:29 06-12-2017 - 09:29
CVE-2016-4794 7.2
Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls.
17-01-2017 - 21:59 23-05-2016 - 06:59
CVE-2015-8543 6.9
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer
07-12-2016 - 13:28 28-12-2015 - 06:59
CVE-2015-8374 2.1
fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.
07-12-2016 - 13:27 28-12-2015 - 06:59
CVE-2013-4312 4.9
The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c
05-12-2016 - 21:59 07-02-2016 - 22:59
CVE-2016-3156 2.1
The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.
02-12-2016 - 22:26 27-04-2016 - 13:59
CVE-2016-2847 4.9
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.
02-12-2016 - 22:26 27-04-2016 - 13:59
CVE-2016-2384 4.9
Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving
02-12-2016 - 22:25 27-04-2016 - 13:59
CVE-2016-2069 4.4
Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.
02-12-2016 - 22:24 27-04-2016 - 13:59
CVE-2015-8812 10.0
drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.
02-12-2016 - 22:14 27-04-2016 - 13:59
CVE-2016-6480 4.7
Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fe
28-11-2016 - 15:33 06-08-2016 - 16:59
CVE-2016-6327 4.9
drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation.
28-11-2016 - 15:31 16-10-2016 - 17:59
CVE-2016-6198 4.9
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related t
28-11-2016 - 15:30 06-08-2016 - 16:59
CVE-2016-6136 1.9
Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "doubl
28-11-2016 - 15:30 06-08-2016 - 16:59
CVE-2016-5829 7.2
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOC
28-11-2016 - 15:29 27-06-2016 - 06:59
CVE-2016-4581 4.9
fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series
28-11-2016 - 15:19 23-05-2016 - 06:59
CVE-2016-4578 2.1
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t
28-11-2016 - 15:19 23-05-2016 - 06:59
CVE-2016-4569 2.1
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer
28-11-2016 - 15:18 23-05-2016 - 06:59
CVE-2016-3841 7.2
The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.
28-11-2016 - 15:12 06-08-2016 - 16:59
CVE-2016-3070 4.6
The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash)
28-11-2016 - 15:06 06-08-2016 - 16:59
CVE-2016-2117 5.0
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.
28-11-2016 - 15:03 02-05-2016 - 06:59
CVE-2016-2053 4.7
The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function
28-11-2016 - 15:02 02-05-2016 - 06:59
CVE-2015-8956 3.6
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluet
28-11-2016 - 14:50 10-10-2016 - 06:59
CVE-2015-8845 4.9
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of
28-11-2016 - 14:49 27-04-2016 - 13:59
CVE-2016-3699 6.9
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables t
11-10-2016 - 08:13 07-10-2016 - 10:59
CVE-2015-8844 4.7
The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted applicati
10-05-2016 - 08:19 27-04-2016 - 13:59
CVE-2015-8746 5.0
fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted
04-05-2016 - 18:10 02-05-2016 - 06:59
Back to Top Mark selected
Back to Top