Max CVSS | 7.2 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-4482 | 2.1 |
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTIN
|
12-09-2023 - 14:55 | 23-05-2016 - 10:59 | |
CVE-2016-4997 | 7.2 |
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-contai
|
12-09-2023 - 14:55 | 03-07-2016 - 21:59 | |
CVE-2016-3134 | 7.2 |
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
|
12-09-2023 - 14:55 | 27-04-2016 - 17:59 | |
CVE-2016-4569 | 2.1 |
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer
|
12-09-2023 - 14:55 | 23-05-2016 - 10:59 | |
CVE-2016-4486 | 2.1 |
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
|
12-09-2023 - 14:55 | 23-05-2016 - 10:59 | |
CVE-2016-1583 | 7.2 |
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames
|
12-09-2023 - 14:55 | 27-06-2016 - 10:59 | |
CVE-2016-4913 | 7.2 |
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have
|
12-09-2023 - 14:45 | 23-05-2016 - 10:59 | |
CVE-2016-4485 | 5.0 |
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.
|
12-09-2023 - 14:45 | 23-05-2016 - 10:59 | |
CVE-2016-2187 | 4.9 |
The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device desc
|
12-09-2023 - 14:45 | 02-05-2016 - 10:59 | |
CVE-2016-4470 | 4.9 |
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a craft
|
12-02-2023 - 23:21 | 27-06-2016 - 10:59 | |
CVE-2016-3707 | 6.8 |
The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attacke
|
12-02-2023 - 23:19 | 27-06-2016 - 10:59 | |
CVE-2016-0758 | 7.2 |
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
|
12-02-2023 - 23:16 | 27-06-2016 - 10:59 | |
CVE-2016-4565 | 7.2 |
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI int
|
17-01-2023 - 21:40 | 23-05-2016 - 10:59 | |
CVE-2016-4805 | 7.2 |
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a n
|
17-01-2023 - 21:18 | 23-05-2016 - 10:59 | |
CVE-2016-5829 | 7.2 |
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOC
|
17-01-2023 - 21:16 | 27-06-2016 - 10:59 | |
CVE-2016-5244 | 5.0 |
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
|
22-04-2019 - 17:48 | 27-06-2016 - 10:59 | |
CVE-2016-4578 | 2.1 |
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t
|
25-03-2019 - 18:58 | 23-05-2016 - 10:59 | |
CVE-2016-2053 | 4.7 |
The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function
|
30-08-2018 - 16:52 | 02-05-2016 - 10:59 | |
CVE-2015-7833 | 4.9 |
The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in
|
13-09-2017 - 01:29 | 19-10-2015 - 10:59 | |
CVE-2016-4580 | 5.0 |
The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call
|
28-11-2016 - 20:19 | 23-05-2016 - 10:59 |