Max CVSS 6.9 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2014-7970 4.9
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in bo
14-08-2020 - 18:14 13-10-2014 - 10:55
CVE-2014-9585 2.1
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the
21-05-2020 - 20:35 09-01-2015 - 21:59
CVE-2014-9584 2.1
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel
21-05-2020 - 20:34 09-01-2015 - 21:59
CVE-2014-8160 5.0
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass in
21-05-2020 - 20:11 02-03-2015 - 11:59
CVE-2014-9529 6.9
Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that
21-05-2020 - 17:41 09-01-2015 - 21:59
CVE-2015-0239 4.4
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering u
21-05-2020 - 14:19 02-03-2015 - 11:59
CVE-2014-9644 2.1
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes)
21-05-2020 - 13:11 02-03-2015 - 11:59
CVE-2013-7421 2.1
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.
19-05-2020 - 14:32 02-03-2015 - 11:59
Back to Top Mark selected
Back to Top