Lucene search
+L

75 matches found

UbuntuCve
UbuntuCve
added 2016/05/13 12:0 a.m.24 views

CVE-2016-3070

The tracewritebackdirtypage implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by...

7.8CVSS7.1AI score0.00415EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2016/05/12 12:0 a.m.50 views

CVE-2016-0758

Integer overflow in lib/asn1decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data...

7.8CVSS6.8AI score0.00397EPSS
Exploits0References14
UbuntuCve
UbuntuCve
added 2016/05/02 10:59 a.m.31 views

CVE-2012-6701

Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec...

7.8CVSS7.1AI score0.00354EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2016/05/02 12:0 a.m.46 views

CVE-2016-2117

The atl2probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data...

7.5CVSS7.1AI score0.06386EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2016/04/27 12:0 a.m.33 views

CVE-2016-3672

The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDRNORANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid...

7.8CVSS7.1AI score0.0117EPSS
Exploits12References16
UbuntuCve
UbuntuCve
added 2016/02/24 12:0 a.m.45 views

CVE-2016-2550

The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial of service memory consumption by leveraging incorrect tracking of descriptor ownership and sending each descriptor over a UNIX socket before closing it. NOTE: this vulnerability exists because of an...

5.5CVSS6.8AI score0.00507EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2016/02/24 12:0 a.m.31 views

CVE-2016-2544

Race condition in the queuedelete function in sound/core/seq/seqqueue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service use-after-free and system crash by making an ioctl call at a certain time...

5.1CVSS6.8AI score0.00337EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2016/02/24 12:0 a.m.32 views

CVE-2016-2543

The sndseqioctlremoveevents function in sound/core/seq/seqclientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted ioctl call...

6.2CVSS6.8AI score0.00523EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2016/01/26 12:0 a.m.38 views

CVE-2016-2069

Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU...

7.4CVSS7.1AI score0.00315EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2015/12/31 12:0 a.m.40 views

CVE-2015-8787

The nfnatredirectipv4 function in net/netfilter/nfnatredirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by sending certain IPv4 packets to an incompletely configured...

10CVSS6.9AI score0.09235EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2015/12/28 12:0 a.m.46 views

CVE-2015-7990

Race condition in the rdssendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerabili...

5.9CVSS6.5AI score0.00348EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2015/11/16 9:59 p.m.44 views

CVE-2015-8215

net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service packet loss via a value that is 1 smaller than the minimum compliant value or 2 larger than the MTU of a...

5CVSS6.8AI score0.03693EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2015/09/24 12:0 a.m.27 views

CVE-2015-5257

drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used for an Apache Cordova issue...

4.9CVSS6.8AI score0.00445EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2015/08/31 12:0 a.m.46 views

CVE-2015-6526

The perfcallchainuser64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service infinite loop via a deep 64-bit userspace backtrace...

4.9CVSS6.8AI score0.00393EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/06/07 12:0 a.m.41 views

CVE-2015-4001

Integer signedness error in the ozhcdgetdesccnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted packet...

9CVSS7.4AI score0.07123EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2015/04/21 12:0 a.m.40 views

CVE-2015-3331

The driverrfc4106decrypt function in arch/x86/crypto/aesni-intelglue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service buffer overflow and system crash or possibly...

9.3CVSS7AI score0.10108EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2015/03/16 10:59 a.m.42 views

CVE-2014-8173

The pmdnoneortranshugeorclearbad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page Middle Directory PMD entry is a transparent huge-table entry, which allows local users to cause a denial of service NULL pointer...

7.2CVSS6.8AI score0.00404EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/03/16 12:0 a.m.36 views

CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

10CVSS6.8AI score0.09828EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2014/12/31 12:0 a.m.45 views

CVE-2014-9644

The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AFALG socket with a parenthesized module template expression in the salgname field, as demonstrated by the vfataes expression, a different vulnerability than...

2.1CVSS6.8AI score0.00552EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2014/12/08 12:0 a.m.32 views

CVE-2014-8134

The paravirtopssetup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirtenabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value...

3.3CVSS6.8AI score0.00703EPSS
Exploits1References10
Rows per page
Query Builder