- Home
- CVEs with nessus.description==It+was+discovered+that+the+netfilter+netlink+implementation+in+the+Linux+kernel+did+not+properly+validate+batch+messages.+A+local+attacker+with+the+CAP_NET_ADMIN+capability+could+use+this+to+expose+sensitive+information+or+cause+a+denial+of+service.+%28CVE-2016-7917%29%0A%0AQian+Zhang+discovered+a+heap-based+buffer+overflow+in+the+tipc_msg_build%28%29+function+in+the+Linux+kernel.+A+local+attacker+could+use+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code+with+administrative+privileges.+%28CVE-2016-8632%29%0A%0AIt+was+discovered+that+the+keyring+implementation+in+the+Linux+kernel+in+some+situations+did+not+prevent+special+internal+keyrings+from+being+joined+by+userspace+keyrings.+A+privileged+local+attacker+could+use+this+to+bypass+module+verification.+%28CVE-2016-9604%29%0A%0ADmitry+Vyukov+discovered+that+KVM+implementation+in+the+Linux+kernel+improperly+emulated+the+VMXON+instruction.+A+local+attacker+in+a+guest+OS+could+use+this+to+cause+a+denial+of+service+%28memory+consumption%29+in+the+host+OS.+%28CVE-2017-2596%29%0A%0ADaniel+Jiang+discovered+that+a+race+condition+existed+in+the+ipv4+ping+socket+implementation+in+the+Linux+kernel.+A+local+privileged+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.%0A%28CVE-2017-2671%29%0A%0ADi+Shen+discovered+that+a+race+condition+existed+in+the+perf+subsystem+of+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+or+possibly+gain+administrative+privileges.+%28CVE-2017-6001%29%0A%0AEric+Biggers+discovered+a+memory+leak+in+the+keyring+implementation+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28memory+consumption%29.+%28CVE-2017-7472%29%0A%0ASabrina+Dubroca+discovered+that+the+asynchronous+cryptographic+hash+%28ahash%29+implementation+in+the+Linux+kernel+did+not+properly+handle+a+full+request+queue.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28infinite+recursion%29.+%28CVE-2017-7618%29%0A%0ATuomas+Haanpaa+and+Ari+Kauppi+discovered+that+the+NFSv2+and+NFSv3+server+implementations+in+the+Linux+kernel+did+not+properly+handle+certain+long+RPC+replies.+A+remote+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.+%28CVE-2017-7645%29%0A%0ATommi+Rantala+and+Brad+Spengler+discovered+that+the+memory+manager+in+the+Linux+kernel+did+not+properly+enforce+the+CONFIG_STRICT_DEVMEM+protection+mechanism.+A+local+attacker+with+access+to+%2Fdev%2Fmem+could+use+this+to+expose+sensitive+information+or+possibly+execute+arbitrary+code.+%28CVE-2017-7889%29%0A%0ATuomas+Haanpaa+and+Ari+Kauppi+discovered+that+the+NFSv2+and+NFSv3+server+implementations+in+the+Linux+kernel+did+not+properly+check+for+the+end+of+buffer.+A+remote+attacker+could+use+this+to+craft+requests+that+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2017-7895%29%0A%0AIt+was+discovered+that+a+use-after-free+vulnerability+existed+in+the+device+driver+for+XCeive+xc2028%2Fxc3028+tuners+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2016-7913%29%0A%0AVlad+Tsyrklevich+discovered+an+integer+overflow+vulnerability+in+the+VFIO+PCI+driver+for+the+Linux+kernel.+A+local+attacker+with+access+to+a+vfio+PCI+device+file+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2016-9083%2C+CVE-2016-9084%29.%0A%0ANote+that+Tenable+Network+Security+has+extracted+the+preceding+description+block+directly+from+the+Ubuntu+security+advisory.+Tenable+has+attempted+to+automatically+clean+and+format+it+as+much+as+possible+without+introducing+additional+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top