- Home
- CVEs with nessus.description==It+was+discovered+that+a+buffer+overflow+existed+in+the+Bluetooth+stack+of+the+Linux+kernel+when+handling+L2CAP+configuration+responses.%0AA+physically+proximate+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.+%28CVE-2017-1000251%29%0A%0AIt+was+discovered+that+the+asynchronous+I%2FO+%28aio%29+subsystem+of+the+Linux+kernel+did+not+properly+set+permissions+on+aio+memory+mappings+in+some+situations.+An+attacker+could+use+this+to+more+easily+exploit+other+vulnerabilities.+%28CVE-2016-10044%29%0A%0ABaozeng+Ding+and+Andrey+Konovalov+discovered+a+race+condition+in+the+L2TPv3+IP+Encapsulation+implementation+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2016-10200%29%0A%0AAndreas+Gruenbacher+and+Jan+Kara+discovered+that+the+filesystem+implementation+in+the+Linux+kernel+did+not+clear+the+setgid+bit+during+a+setxattr+call.+A+local+attacker+could+use+this+to+possibly+elevate+group+privileges.+%28CVE-2016-7097%29%0A%0ASergej+Schumilo%2C+Ralf+Spenneberg%2C+and+Hendrik+Schwartke+discovered+that+the+key+management+subsystem+in+the+Linux+kernel+did+not+properly+allocate+memory+in+some+situations.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.+%28CVE-2016-8650%29%0A%0AVlad+Tsyrklevich+discovered+an+integer+overflow+vulnerability+in+the+VFIO+PCI+driver+for+the+Linux+kernel.+A+local+attacker+with+access+to+a+vfio+PCI+device+file+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2016-9083%2C+CVE-2016-9084%29%0A%0AIt+was+discovered+that+an+information+leak+existed+in%0A__get_user_asm_ex%28%29+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+expose+sensitive+information.+%28CVE-2016-9178%29%0A%0ACAI+Qian+discovered+that+the+sysctl+implementation+in+the+Linux+kernel+did+not+properly+perform+reference+counting+in+some+situations.+An+unprivileged+attacker+could+use+this+to+cause+a+denial+of+service+%28system+hang%29.+%28CVE-2016-9191%29%0A%0AIt+was+discovered+that+the+keyring+implementation+in+the+Linux+kernel+in+some+situations+did+not+prevent+special+internal+keyrings+from+being+joined+by+userspace+keyrings.+A+privileged+local+attacker+could+use+this+to+bypass+module+verification.+%28CVE-2016-9604%29%0A%0AIt+was+discovered+that+an+integer+overflow+existed+in+the+trace+subsystem+of+the+Linux+kernel.+A+local+privileged+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.+%28CVE-2016-9754%29%0A%0AAndrey+Konovalov+discovered+that+the+IPv4+implementation+in+the+Linux+kernel+did+not+properly+handle+invalid+IP+options+in+some+situations.%0AAn+attacker+could+use+this+to+cause+a+denial+of+service+or+possibly+execute+arbitrary+code.+%28CVE-2017-5970%29%0A%0ADmitry+Vyukov+discovered+that+the+Linux+kernel+did+not+properly+handle+TCP+packets+with+the+URG+flag.+A+remote+attacker+could+use+this+to+cause+a+denial+of+service.+%28CVE-2017-6214%29%0A%0AIt+was+discovered+that+a+race+condition+existed+in+the+AF_PACKET+handling+code+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2017-6346%29%0A%0AIt+was+discovered+that+the+keyring+implementation+in+the+Linux+kernel+did+not+properly+restrict+searches+for+dead+keys.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.%0A%28CVE-2017-6951%29%0A%0ADmitry+Vyukov+discovered+that+the+generic+SCSI+%28sg%29+subsystem+in+the+Linux+kernel+contained+a+stack-based+buffer+overflow.+A+local+attacker+with+access+to+an+sg+device+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.%0A%28CVE-2017-7187%29%0A%0AEric+Biggers+discovered+a+memory+leak+in+the+keyring+implementation+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28memory+consumption%29.+%28CVE-2017-7472%29%0A%0AIt+was+discovered+that+a+buffer+overflow+existed+in+the+Broadcom+FullMAC+WLAN+driver+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2017-7541%29.%0A%0ANote+that+Tenable+Network+Security+has+extracted+the+preceding+description+block+directly+from+the+Ubuntu+security+advisory.+Tenable+has+attempted+to+automatically+clean+and+format+it+as+much+as+possible+without+introducing+additional+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top