Lucene search
K

4 matches found

CVE
CVE
added 2017/10/03 7:0 a.m.128 views

CVE-2017-14991

Consolidated details from connected advisories show CVE-2017-14991 affects the Linux kernel sg_ioctl path (drivers/scsi/sg.c) with vulnerable code in sg_get_request_table handling for /dev/sg0. The flaw exists in kernels before 4.13.4, allowing local attackers to read uninitialized kernel heap me...

5.5CVSS5.5AI score0.00414EPSS
Exploits0References5Affected Software1
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.89 views

BSA-2017-304

Security Advisory ID : BSA-2017-304 Component : Linux Kernel Revision : 1.0: Interim The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNELDS option is set, which allows local users to read or write to arbitrary kernel memo...

7.8CVSS5.8AI score0.00437EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2016/12/30 12:0 a.m.54 views

CVE-2016-10088

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNELDS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a...

7CVSS6.8AI score0.00372EPSS
Exploits0References9
Prion
Prion
added 2009/09/22 10:30 a.m.23 views

Null pointer dereference

The sgbuildindirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service kernel OOPS and NULL pointer dereference, as demonstrated by using xcdroast to duplicate a CD...

4.9CVSS6.5AI score0.00438EPSS
Exploits2References5Affected Software1
Rows per page
Query Builder