Max CVSS | 7.2 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-7613 | 6.9 |
Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and uti
|
17-07-2024 - 15:30 | 19-10-2015 - 10:59 | |
CVE-2015-2925 | 6.9 |
The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a
|
17-07-2024 - 15:29 | 16-11-2015 - 11:59 | |
CVE-2015-7553 | 4.7 |
Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets.
|
13-02-2023 - 00:55 | 14-09-2017 - 16:29 | |
CVE-2015-5283 | 4.7 |
The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets bef
|
13-02-2023 - 00:52 | 19-10-2015 - 10:59 | |
CVE-2015-0239 | 4.4 |
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering u
|
13-02-2023 - 00:45 | 02-03-2015 - 11:59 | |
CVE-2014-8171 | 4.9 |
The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup.
|
13-02-2023 - 00:44 | 09-02-2018 - 22:29 | |
CVE-2014-7842 | 4.9 |
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace e
|
13-02-2023 - 00:42 | 30-11-2014 - 01:59 | |
CVE-2014-3647 | 1.9 |
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.
|
13-02-2023 - 00:41 | 10-11-2014 - 11:55 | |
CVE-2015-3288 | 7.2 |
mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.
|
12-02-2023 - 23:15 | 16-10-2016 - 21:59 | |
CVE-2014-9644 | 2.1 |
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes)
|
21-05-2020 - 13:11 | 02-03-2015 - 11:59 | |
CVE-2013-7421 | 2.1 |
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.
|
19-05-2020 - 14:32 | 02-03-2015 - 11:59 | |
CVE-2014-9419 | 2.1 |
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the
|
05-01-2018 - 02:29 | 26-12-2014 - 00:59 | |
CVE-2015-4170 | 4.7 |
Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread
|
12-11-2017 - 02:29 | 02-05-2016 - 10:59 | |
CVE-2015-8215 | 5.0 |
net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the mi
|
04-11-2017 - 01:29 | 16-11-2015 - 21:59 | |
CVE-2015-7837 | 2.1 |
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secur
|
05-10-2017 - 14:43 | 19-09-2017 - 16:29 | |
CVE-2015-3339 | 6.2 |
Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but t
|
31-12-2016 - 02:59 | 27-05-2015 - 10:59 | |
CVE-2015-6526 | 4.9 |
The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace.
|
08-12-2016 - 03:12 | 31-08-2015 - 20:59 | |
CVE-2016-0774 | 5.6 |
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do
|
03-12-2016 - 03:18 | 27-04-2016 - 17:59 | |
CVE-2010-5313 | 4.9 |
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842.
|
28-11-2016 - 19:07 | 30-11-2014 - 01:59 |