Max CVSS 10.0 Min CVSS 2.1 Total Count11
IDCVSSSummaryLast (major) updatePublished
CVE-2017-1000380 2.1
sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed
17-06-2017 - 14:29 17-06-2017 - 14:29
CVE-2017-9605 4.9
The vmw_gb_surface_define_ioctl function (accessible via DRM_IOCTL_VMW_GB_SURFACE_CREATE) in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.11.4 defines a backup_handle variable but does not give it an initial value. If one att
13-06-2017 - 15:29 13-06-2017 - 15:29
CVE-2017-9150 2.1
The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address informa
22-05-2017 - 18:29 22-05-2017 - 18:29
CVE-2017-8925 2.1
The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.
12-05-2017 - 17:29 12-05-2017 - 17:29
CVE-2017-8924 2.1
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device
12-05-2017 - 17:29 12-05-2017 - 17:29
CVE-2017-7895 10.0
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted reque
11-05-2017 - 10:19 28-04-2017 - 06:59
CVE-2017-7346 4.9
The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call
04-04-2017 - 12:01 30-03-2017 - 19:59
CVE-2017-5551 3.6
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid pro
09-02-2017 - 16:53 06-02-2017 - 01:59
CVE-2017-5576 7.2
Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size va
09-02-2017 - 16:33 06-02-2017 - 01:59
CVE-2016-9755 4.6
The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted applicat
30-12-2016 - 21:59 28-12-2016 - 02:59
CVE-2014-9900 4.3
The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive infor
28-11-2016 - 14:15 06-08-2016 - 06:59
Back to Top Mark selected
Back to Top