Max CVSS 7.2 Min CVSS 1.7 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-8551 4.7
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash)
26-08-2020 - 13:53 13-04-2016 - 15:59
CVE-2016-4997 7.2
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-contai
27-12-2019 - 16:08 03-07-2016 - 21:59
CVE-2016-4998 5.6
The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by levera
27-12-2019 - 16:08 03-07-2016 - 21:59
CVE-2016-4805 7.2
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a n
27-12-2019 - 16:08 23-05-2016 - 10:59
CVE-2016-4470 4.9
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a craft
27-12-2019 - 16:08 27-06-2016 - 10:59
CVE-2016-5244 5.0
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
22-04-2019 - 17:48 27-06-2016 - 10:59
CVE-2016-4578 2.1
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t
25-03-2019 - 18:58 23-05-2016 - 10:59
CVE-2016-4486 2.1
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
20-12-2018 - 11:29 23-05-2016 - 10:59
CVE-2016-1583 7.2
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames
06-12-2018 - 22:29 27-06-2016 - 10:59
CVE-2016-3672 4.6
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, a
09-10-2018 - 19:59 27-04-2016 - 17:59
CVE-2016-2053 4.7
The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function
30-08-2018 - 16:52 02-05-2016 - 10:59
CVE-2016-5829 7.2
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOC
05-01-2018 - 02:31 27-06-2016 - 10:59
CVE-2016-5828 7.2
The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception,
05-01-2018 - 02:31 27-06-2016 - 10:59
CVE-2016-4565 7.2
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI int
05-01-2018 - 02:30 23-05-2016 - 10:59
CVE-2015-8845 4.9
The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of
05-01-2018 - 02:30 27-04-2016 - 17:59
CVE-2016-4569 2.1
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer
05-01-2018 - 02:30 23-05-2016 - 10:59
CVE-2015-8552 1.7
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption)
04-11-2017 - 01:29 13-04-2016 - 15:59
CVE-2015-7833 4.9
The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in
13-09-2017 - 01:29 19-10-2015 - 10:59
CVE-2014-9904 7.2
The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory a
01-09-2017 - 01:29 27-06-2016 - 10:59
CVE-2016-4482 2.1
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTIN
28-11-2016 - 20:18 23-05-2016 - 10:59
CVE-2016-0758 7.2
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. <a href="http://cwe.mitre.org/data/definitions/190.html">CWE-190: Integer Overflow or Wraparound</a>
28-11-2016 - 19:55 27-06-2016 - 10:59
Back to Top Mark selected
Back to Top