Max CVSS | 7.6 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-6001 | 7.6 |
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: thi
|
09-02-2024 - 19:11 | 18-02-2017 - 21:59 | |
CVE-2017-9076 | 7.2 |
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related i
|
24-02-2023 - 18:39 | 19-05-2017 - 07:29 | |
CVE-2017-9075 | 7.2 |
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related is
|
24-02-2023 - 18:39 | 19-05-2017 - 07:29 | |
CVE-2017-9077 | 7.2 |
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related is
|
24-02-2023 - 18:38 | 19-05-2017 - 14:29 | |
CVE-2017-8890 | 7.2 |
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.
|
24-02-2023 - 18:32 | 10-05-2017 - 16:29 | |
CVE-2017-7889 | 7.2 |
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access re
|
14-02-2023 - 21:12 | 17-04-2017 - 00:59 | |
CVE-2017-7308 | 7.2 |
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or
|
14-02-2023 - 18:32 | 29-03-2017 - 20:59 | |
CVE-2017-2671 | 4.9 |
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (pani
|
12-02-2023 - 23:29 | 05-04-2017 - 06:59 | |
CVE-2017-15121 | 4.9 |
A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.
|
12-02-2023 - 23:28 | 07-12-2017 - 02:29 | |
CVE-2017-12190 | 4.9 |
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them int
|
12-02-2023 - 23:27 | 22-11-2017 - 18:29 | |
CVE-2016-8650 | 4.9 |
The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call
|
12-02-2023 - 23:26 | 28-11-2016 - 03:59 | |
CVE-2012-6701 | 7.2 |
Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.
|
17-01-2023 - 21:46 | 02-05-2016 - 10:59 | |
CVE-2018-3639 | 2.1 |
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access vi
|
13-08-2021 - 15:26 | 22-05-2018 - 12:29 | |
CVE-2018-1130 | 4.9 |
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.
|
09-10-2019 - 23:38 | 10-05-2018 - 13:29 | |
CVE-2018-5803 | 4.9 |
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
|
27-03-2019 - 16:17 | 12-06-2018 - 16:29 | |
CVE-2015-8830 | 7.2 |
Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of
|
31-10-2018 - 10:29 | 02-05-2016 - 10:59 | |
CVE-2017-7616 | 2.1 |
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap op
|
20-06-2018 - 01:29 | 10-04-2017 - 14:59 | |
CVE-2017-18203 | 1.9 |
The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.
|
20-06-2018 - 01:29 | 27-02-2018 - 20:29 |