5907 matches found
CVE-2016-2547
sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...
DEBIAN-CVE-2016-2546
sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...
CVE-2016-2545
The sndtimerinterrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service race condition and system crash via a crafted ioctl call...
CVE-2016-2545
The sndtimerinterrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service race condition and system crash via a crafted ioctl call...
DEBIAN-CVE-2016-2545
The sndtimerinterrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service race condition and system crash via a crafted ioctl call...
CVE-2016-2544
Race condition in the queuedelete function in sound/core/seq/seqqueue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service use-after-free and system crash by making an ioctl call at a certain time...
DEBIAN-CVE-2016-2543
The sndseqioctlremoveevents function in sound/core/seq/seqclientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted ioctl call...
Race condition
The sndtimerinterrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service race condition and system crash via a crafted ioctl call...
Code injection
sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service deadlock via a crafted ioctl call...
Race condition
sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...
Race condition
Race condition in the queuedelete function in sound/core/seq/seqqueue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service use-after-free and system crash by making an ioctl call at a certain time...
CVE-2016-2543
The sndseqioctlremoveevents function in sound/core/seq/seqclientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted ioctl call...
CVE-2016-2548
CVE-2016-2548 affects the Linux kernel’s sound/core/timer.c prior to 4.4.1. The issue arises because the kernel may retain certain linked lists after a close or stop action (snd_timer_close and _snd_timer_stop), enabling a local attacker to trigger a denial-of-service (system crash) via a crafted...
CVE-2016-2548
sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service system crash via a crafted ioctl call, related to the 1 sndtimerclose and 2 sndtimerstop functions...
CVE-2016-2545
CVE-2016-2545 : Affected component is the Linux kernel; specifically the snd_timer_interrupt handler in sound/core/timer.c. The issue (pre-4.4.1) fails to maintain a linked list correctly, enabling local attackers to trigger a race condition via a crafted ioctl that can crash the system (denial o...
CVE-2016-2543
CVE-2016-2543 affects the Linux kernel before 4.4.1: the snd_seq_ioctl_remove_events path in sound/core/seq/seq_clientmgr.c does not verify FIFO assignment before clearing, enabling local users to trigger a NULL pointer dereference and an OOPS (denial of service). Remediation: upgrade to kernel 4...
CVE-2016-2549
sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service deadlock via a crafted ioctl call...
CVE-2016-2543
The sndseqioctlremoveevents function in sound/core/seq/seqclientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted ioctl call...
CVE-2016-2545
The sndtimerinterrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service race condition and system crash via a crafted ioctl call...
CVE-2016-2544
Race condition in the queuedelete function in sound/core/seq/seqqueue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service use-after-free and system crash by making an ioctl call at a certain time...