Max CVSS | 7.8 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-9529 | 6.9 |
Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that
|
14-03-2024 - 19:58 | 09-01-2015 - 21:59 | |
CVE-2014-9420 | 4.9 |
The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a cr
|
13-02-2023 - 00:45 | 26-12-2014 - 00:59 | |
CVE-2014-9584 | 2.1 |
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel
|
13-02-2023 - 00:45 | 09-01-2015 - 21:59 | |
CVE-2015-0239 | 4.4 |
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering u
|
13-02-2023 - 00:45 | 02-03-2015 - 11:59 | |
CVE-2014-8160 | 5.0 |
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass in
|
13-02-2023 - 00:43 | 02-03-2015 - 11:59 | |
CVE-2014-8133 | 2.1 |
arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mec
|
13-02-2023 - 00:43 | 17-12-2014 - 11:59 | |
CVE-2014-3690 | 4.9 |
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or caus
|
13-02-2023 - 00:42 | 10-11-2014 - 11:55 | |
CVE-2014-9428 | 7.8 |
The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length field during a calculation of an amount of memory, which allows remote attackers t
|
20-01-2023 - 03:02 | 02-01-2015 - 21:59 | |
CVE-2014-9585 | 2.1 |
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the
|
21-05-2020 - 20:35 | 09-01-2015 - 21:59 | |
CVE-2014-9644 | 2.1 |
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes)
|
21-05-2020 - 13:11 | 02-03-2015 - 11:59 | |
CVE-2013-7421 | 2.1 |
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.
|
19-05-2020 - 14:32 | 02-03-2015 - 11:59 | |
CVE-2014-9419 | 2.1 |
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the
|
05-01-2018 - 02:29 | 26-12-2014 - 00:59 | |
CVE-2014-8989 | 4.6 |
The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the g
|
03-01-2017 - 02:59 | 30-11-2014 - 01:59 | |
CVE-2014-9683 | 3.6 |
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain pri
|
24-12-2016 - 02:59 | 03-03-2015 - 11:59 |