UBUNTU-CVE-2017-8066

drivers/net/can/usb/gsusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.2 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users to cause a denial of service system crash or memory corruption or possibly have unspecified other impact by leveraging use of more than on...

UBUNTU-CVE-2017-8068

drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users to cause a denial of service system crash or memory corruption or possibly have unspecified other impact by leveraging use of more than one virtual pag...

Ubuntu Linux kernel package integer overflow vulnerability

Ubuntu is a desktop-oriented GNU/Linux operating system developed by Canonical and the Ubuntu Foundation, of which the Linux kernel package is a component. An integer overflow vulnerability exists in version 3.16.0-28 of the Linux kernel package on the Ubuntu 14.04 LTS release. Due to the program...

UBUNTU-CVE-2017-2583

The loadsegmentdescriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service guest OS crash or gain guest OS privileges via a crafted application...

RunC Exec Vulnerability | Cloud Foundry

Medium Vendor Open Containers Initiative Description RunC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the...

UBUNTU-CVE-2016-3044

The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service host OS infinite loop and hang via unspecified vectors...

UBUNTU-CVE-2016-6327

drivers/infiniband/ulp/srpt/ibsrpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service NULL pointer dereference and system crash by using an ABORTTASK command to abort a device write operation...

Linux Kernel recvmmsg Privilege Escalation

This module attempts to exploit CVE-2014-0038, by sending a recvmmsg system call with a crafted timeout pointer parameter to gain root. This exploit has offsets for 3 Ubuntu 13 kernels: 3.8.0-19-generic 13.04 default; 3.11.0-12-generic 13.10 default; 3.11.0-15-generic 13.10. This exploit may take...

UBUNTU-CVE-2016-2065

sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to cause a denial of service out-of-bounds write and memory corruption or...

USN-2978-2 linux-lts-wily vulnerabilities

USN-2978-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine KVM implementation in the Linux...

UBUNTU-CVE-2016-2187

The gtcoprobe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash via a crafted endpoints value in a USB device descriptor...

UBUNTU-CVE-2015-8374

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action...

PT-2015-1017 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux kernel versions prior to 3.18.8 Ubuntu linux-image-3.16.0 Ubuntu linux-image-3.2.0 Description: The issue concerns multiple vulnerabilities in the Linux kernel, specifically affecting Red Hat Enterprise Linux and...

UBUNTU-CVE-2013-4737

The CONFIGSTRICTMEMORYRWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, does not properly consider certain memory sections, which makes it easier for attackers to bypass intended access restrictions by...

UBUNTU-CVE-2012-6689

The netlinksendmsg function in net/netlink/afnetlink.c in the Linux kernel before 3.5.5 does not validate the dstpid field, which allows local users to have an unspecified impact by spoofing Netlink messages...