| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-4482 | 2.1 |
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTIN
|
12-09-2023 - 14:55 | 23-05-2016 - 10:59 | |
| CVE-2016-3134 | 7.2 |
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
|
12-09-2023 - 14:55 | 27-04-2016 - 17:59 | |
| CVE-2016-4569 | 2.1 |
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer
|
12-09-2023 - 14:55 | 23-05-2016 - 10:59 | |
| CVE-2016-4486 | 2.1 |
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
|
12-09-2023 - 14:55 | 23-05-2016 - 10:59 | |
| CVE-2016-3672 | 4.6 |
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, a
|
12-09-2023 - 14:55 | 27-04-2016 - 17:59 | |
| CVE-2016-1583 | 7.2 |
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames
|
12-09-2023 - 14:55 | 27-06-2016 - 10:59 | |
| CVE-2016-4485 | 5.0 |
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.
|
12-09-2023 - 14:45 | 23-05-2016 - 10:59 | |
| CVE-2016-4581 | 4.9 |
fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series
|
12-02-2023 - 23:22 | 23-05-2016 - 10:59 | |
| CVE-2016-0758 | 7.2 |
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
|
12-02-2023 - 23:16 | 27-06-2016 - 10:59 | |
| CVE-2016-4565 | 7.2 |
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI int
|
17-01-2023 - 21:40 | 23-05-2016 - 10:59 | |
| CVE-2016-4557 | 7.2 |
The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted
|
17-01-2023 - 21:40 | 23-05-2016 - 10:59 | |
| CVE-2016-4805 | 7.2 |
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a n
|
17-01-2023 - 21:18 | 23-05-2016 - 10:59 | |
| CVE-2016-4951 | 7.2 |
The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other
|
17-01-2023 - 21:17 | 23-05-2016 - 10:59 | |
| CVE-2016-3955 | 10.0 |
The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a US
|
03-11-2022 - 20:31 | 03-07-2016 - 21:59 | |
| CVE-2016-5244 | 5.0 |
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
|
22-04-2019 - 17:48 | 27-06-2016 - 10:59 | |
| CVE-2016-4578 | 2.1 |
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t
|
25-03-2019 - 18:58 | 23-05-2016 - 10:59 | |
| CVE-2016-2053 | 4.7 |
The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function
|
30-08-2018 - 16:52 | 02-05-2016 - 10:59 | |
| CVE-2013-7446 | 5.4 |
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. <a href="http://cwe.mitre.org/data/
|
13-08-2018 - 21:47 | 28-12-2015 - 11:59 | |
| CVE-2016-4580 | 5.0 |
The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call
|
28-11-2016 - 20:19 | 23-05-2016 - 10:59 |