Lucene search
K

181 matches found

Cvelist
Cvelist
added 2016/06/27 10:0 a.m.24 views

CVE-2016-4470

The keyrejectandlink function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service system crash via vectors involving a crafted keyctl request2 command...

6AI score0.00582EPSS
Exploits0References48
Debian CVE
Debian CVE
added 2016/06/27 10:0 a.m.52 views

CVE-2016-4470

The keyrejectandlink function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service system crash via vectors involving a crafted keyctl request2 command...

5.5CVSS6.1AI score0.00582EPSS
Exploits0
OSV
OSV
added 2016/06/27 12:0 a.m.2 views

UBUNTU-CVE-2016-4470

The keyrejectandlink function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service system crash via vectors involving a crafted keyctl request2 command...

5.5CVSS6.7AI score0.00582EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2016/06/27 12:0 a.m.49 views

CVE-2016-4470

The keyrejectandlink function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service system crash via vectors involving a crafted keyctl request2 command...

5.5CVSS6.8AI score0.00582EPSS
Exploits0References11
OSV
OSV
added 2016/02/08 3:59 a.m.10 views

CVE-2016-0728

The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via crafted keyctl commands...

7.8CVSS7.5AI score0.03646EPSS
Exploits14References42
NVD
NVD
added 2016/02/08 3:59 a.m.25 views

CVE-2016-0728

The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via crafted keyctl commands...

7.8CVSS7.6AI score0.03646EPSS
Exploits14References42
OSV
OSV
added 2016/02/08 3:59 a.m.1 views

DEBIAN-CVE-2016-0728

The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via crafted keyctl commands...

7.8CVSS6.2AI score0.03646EPSS
Exploits14References1
NVD
NVD
added 2016/02/08 3:59 a.m.24 views

CVE-2015-8539

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service BUG via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/userdefined.c...

7.8CVSS7.3AI score0.00427EPSS
Exploits0References24
OSV
OSV
added 2016/02/08 3:59 a.m.1 views

DEBIAN-CVE-2015-7550

The keyctlreadkey function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a crafted application that leverag...

5.5CVSS6.6AI score0.00412EPSS
Exploits0References1
Prion
Prion
added 2016/02/08 3:59 a.m.22 views

Code injection

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service BUG via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/userdefined.c...

7.2CVSS7AI score0.00427EPSS
Exploits0References24Affected Software3
Cvelist
Cvelist
added 2016/02/08 2:0 a.m.31 views

CVE-2015-8539

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service BUG via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/userdefined.c...

7.3AI score0.00427EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2016/02/07 12:0 a.m.42 views

CVE-2015-8539

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service BUG via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/userdefined.c...

7.8CVSS6.8AI score0.00427EPSS
Exploits0References5
OSV
OSV
added 2016/02/07 12:0 a.m.3 views

UBUNTU-CVE-2015-8539

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service BUG via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/userdefined.c...

7.8CVSS6.8AI score0.00427EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2016/01/20 12:0 a.m.49 views

Linux Kernel REFCOUNT Overflow / Use-After-Free

Exploit Title: Linux kernel REFCOUNT overflow/Use-After-Free in keyrings Date: 19/1/2016 Exploit Author: Perception Point Team CVE : CVE-2016-0728 / CVE-2016-0728 local root exploit modified by Federico Bento to read kernel symbols from /proc/kallsyms props to grsecurity/PaX for preventing this i...

7.2CVSS0.7AI score0.03646EPSS
Exploits14
UbuntuCve
UbuntuCve
added 2016/01/19 12:0 p.m.42 views

CVE-2016-0728

The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via crafted keyctl commands...

7.8CVSS7AI score0.03646EPSS
Exploits14References10
OSV
OSV
added 2016/01/19 12:0 p.m.3 views

UBUNTU-CVE-2016-0728

The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via crafted keyctl commands...

7.8CVSS6.9AI score0.03646EPSS
Exploits14References11
Tenable Nessus
Tenable Nessus
added 2016/01/14 12:0 a.m.62 views

F5 Networks BIG-IP : Linux kernel vulnerability (K94105604)

The keygcunusedkeys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service OOPS via crafted keyctl commands. CVE-2015-7872 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5...

2.1CVSS6.2AI score0.00508EPSS
Exploits0References2
OSV
OSV
added 2015/12/17 12:8 p.m.10 views

SUSE-SU-2015:2292-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.51 to receive various security and bugfixes. Following features were added: - hwrng: Add a driver for the hwrng found in power7+ systems fate315784. Following security bugs were fixed: - CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 sta...

6.9CVSS7.2AI score0.05059EPSS
Exploits1References69
NVD
NVD
added 2015/11/16 11:59 a.m.18 views

CVE-2015-7872

The keygcunusedkeys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service OOPS via crafted keyctl commands...

2.1CVSS5.6AI score0.00508EPSS
Exploits0References46
OSV
OSV
added 2015/11/16 11:59 a.m.4 views

CVE-2015-7872

The keygcunusedkeys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service OOPS via crafted keyctl commands...

5.8AI score
Exploits0References46
Rows per page
Query Builder