Max CVSS | 7.2 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-2143 | 6.9 |
The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted appli
|
14-03-2024 - 19:59 | 27-04-2016 - 17:59 | |
CVE-2015-8816 | 7.2 |
The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system
|
01-11-2023 - 14:51 | 27-04-2016 - 17:59 | |
CVE-2016-4482 | 2.1 |
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTIN
|
12-09-2023 - 14:55 | 23-05-2016 - 10:59 | |
CVE-2016-3134 | 7.2 |
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
|
12-09-2023 - 14:55 | 27-04-2016 - 17:59 | |
CVE-2016-4569 | 2.1 |
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer
|
12-09-2023 - 14:55 | 23-05-2016 - 10:59 | |
CVE-2016-3156 | 2.1 |
The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.
|
12-09-2023 - 14:55 | 27-04-2016 - 17:59 | |
CVE-2016-4486 | 2.1 |
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
|
12-09-2023 - 14:55 | 23-05-2016 - 10:59 | |
CVE-2016-3138 | 4.9 |
The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data e
|
12-09-2023 - 14:55 | 02-05-2016 - 10:59 | |
CVE-2016-3137 | 4.9 |
drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoin
|
12-09-2023 - 14:55 | 02-05-2016 - 10:59 | |
CVE-2016-2184 | 4.9 |
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) v
|
12-09-2023 - 14:55 | 27-04-2016 - 17:59 | |
CVE-2016-3140 | 4.9 |
The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB
|
12-09-2023 - 14:55 | 02-05-2016 - 10:59 | |
CVE-2016-2186 | 4.9 |
The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB devi
|
12-09-2023 - 14:55 | 02-05-2016 - 10:59 | |
CVE-2016-2847 | 4.9 |
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.
|
12-09-2023 - 14:55 | 27-04-2016 - 17:59 | |
CVE-2016-2188 | 4.9 |
The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device
|
12-09-2023 - 14:55 | 02-05-2016 - 10:59 | |
CVE-2016-3139 | 4.9 |
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device
|
12-09-2023 - 14:55 | 27-04-2016 - 17:59 | |
CVE-2016-2185 | 4.9 |
The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB
|
12-09-2023 - 14:55 | 02-05-2016 - 10:59 | |
CVE-2016-1583 | 7.2 |
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames
|
12-09-2023 - 14:55 | 27-06-2016 - 10:59 | |
CVE-2016-4913 | 7.2 |
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have
|
12-09-2023 - 14:45 | 23-05-2016 - 10:59 | |
CVE-2016-4485 | 5.0 |
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.
|
12-09-2023 - 14:45 | 23-05-2016 - 10:59 | |
CVE-2016-2187 | 4.9 |
The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device desc
|
12-09-2023 - 14:45 | 02-05-2016 - 10:59 | |
CVE-2016-0758 | 7.2 |
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
|
12-02-2023 - 23:16 | 27-06-2016 - 10:59 | |
CVE-2016-4565 | 7.2 |
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI int
|
17-01-2023 - 21:40 | 23-05-2016 - 10:59 | |
CVE-2016-4805 | 7.2 |
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a n
|
17-01-2023 - 21:18 | 23-05-2016 - 10:59 | |
CVE-2016-2782 | 4.9 |
The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by insertin
|
31-01-2022 - 18:02 | 27-04-2016 - 17:59 | |
CVE-2016-5244 | 5.0 |
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
|
22-04-2019 - 17:48 | 27-06-2016 - 10:59 | |
CVE-2016-4578 | 2.1 |
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t
|
25-03-2019 - 18:58 | 23-05-2016 - 10:59 | |
CVE-2015-7566 | 4.9 |
The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by ins
|
09-10-2018 - 19:58 | 08-02-2016 - 03:59 | |
CVE-2016-2053 | 4.7 |
The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function
|
30-08-2018 - 16:52 | 02-05-2016 - 10:59 | |
CVE-2016-4580 | 5.0 |
The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call
|
28-11-2016 - 20:19 | 23-05-2016 - 10:59 |