- Home
- CVEs with nessus.description==Tilman+Schmidt+and+Sasha+Levin+discovered+a+use-after-free+condition+in+the+TTY+implementation+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+expose+sensitive+information+%28kernel+memory%29.%0A%28CVE-2015-8964%29%0A%0AIt+was+discovered+that+the+Video+For+Linux+Two+%28v4l2%29+implementation+in+the+Linux+kernel+did+not+properly+handle+multiple+planes+when+processing+a+VIDIOC_DQBUF+ioctl%28%29.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2016-4568%29%0A%0ACAI+Qian+discovered+that+shared+bind+mounts+in+a+mount+namespace+exponentially+added+entries+without+restriction+to+the+Linux+kernel%27s+mount+table.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.+%28CVE-2016-6213%29%0A%0AOndrej+Kozina+discovered+that+the+keyring+interface+in+the+Linux+kernel+contained+a+buffer+overflow+when+displaying+timeout+events+via+the+%2Fproc%2Fkeys+interface.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.+%28CVE-2016-7042%29%0A%0AAndreas+Gruenbacher+and+Jan+Kara+discovered+that+the+filesystem+implementation+in+the+Linux+kernel+did+not+clear+the+setgid+bit+during+a+setxattr+call.+A+local+attacker+could+use+this+to+possibly+elevate+group+privileges.+%28CVE-2016-7097%29%0A%0AMarco+Grassi+discovered+that+the+driver+for+Areca+RAID+Controllers+in+the+Linux+kernel+did+not+properly+validate+control+messages.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+gain+privileges.+%28CVE-2016-7425%29%0A%0AIt+was+discovered+that+the+KVM+implementation+for+x86%2Fx86_64+in+the+Linux+kernel+could+dereference+a+NULL+pointer.+An+attacker+in+a+guest+virtual+machine+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+in+the+KVM+host.+%28CVE-2016-8630%29%0A%0AEyal+Itkin+discovered+that+the+IP+over+IEEE+1394+%28FireWire%29+implementation+in+the+Linux+kernel+contained+a+buffer+overflow+when+handling+fragmented+packets.+A+remote+attacker+could+use+this+to+possibly+execute+arbitrary+code+with+administrative+privileges.%0A%28CVE-2016-8633%29%0A%0AMarco+Grassi+discovered+that+the+TCP+implementation+in+the+Linux+kernel+mishandles+socket+buffer+%28skb%29+truncation.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.%0A%28CVE-2016-8645%29%0A%0ADaxing+Guo+discovered+a+stack-based+buffer+overflow+in+the+Broadcom+IEEE802.11n+FullMAC+driver+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+gain+privileges.+%28CVE-2016-8658%29%0A%0AIt+was+discovered+that+an+information+leak+existed+in%0A__get_user_asm_ex%28%29+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+expose+sensitive+information.+%28CVE-2016-9178%29%0A%0AAndrey+Konovalov+discovered+that+the+SCTP+implementation+in+the+Linux+kernel+improperly+handled+validation+of+incoming+data.+A+remote+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.%0A%28CVE-2016-9555%29.%0A%0ANote+that+Tenable+Network+Security+has+extracted+the+preceding+description+block+directly+from+the+Ubuntu+security+advisory.+Tenable+has+attempted+to+automatically+clean+and+format+it+as+much+as+possible+without+introducing+additional+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top