Lucene search
K

41 matches found

CVE
CVE
added 2014/06/07 2:0 p.m.1179 views

CVE-2014-3153

The CVE-2014-3153 issue affects the Linux kernel futex_requeue path (kernel/futex.c) through version 3.14.5. A local unprivileged user can exploit FUTEX_REQUEUE with two identical futex addresses to gain privileges or modify waiter state, causing potential privilege escalation and memory impact. ...

7.8CVSS6.5AI score0.37233EPSS
In wild
CVE
CVE
added 2014/05/07 10:0 a.m.610 views

CVE-2014-0196

CVE-2014-0196 affects the Linux kernel (through 3.14.3) specifically the n_tty_write function in drivers/tty/n_tty.c. The flaw permits a local user to trigger a race condition between read and write operations with long strings in the LECHO & !OPOST case, enabling denial of service (memory corrup...

6.9CVSS6.3AI score0.22475EPSS
In wild
CVE
CVE
added 2014/03/24 10:0 a.m.331 views

CVE-2014-2523

CVE-2014-2523 applies to the Linux kernel code path net/netfilter/nf_conntrack_proto_dccp.c up to version 3.13.6. The vulnerability arises from incorrect handling of a DCCP header pointer, which could allow remote attackers to cause a system crash ( denial of service ) or potentially execute arbi...

10CVSS7.2AI score0.10385EPSS
CVE
CVE
added 2014/12/17 11:0 a.m.177 views

CVE-2014-9322

CVE-2014-9322 affects the Linux kernel pre-3.17.5 where arch/x86/kernel/entry_64.S mishandles faults on the Stack Segment (SS) during IRET, allowing a local user to escalate privileges by accessing a GS Base address from the wrong space. Public PoC/exploitation (BadIRET) exists, illustrating loca...

7.8CVSS7.4AI score0.01447EPSS
CVE
CVE
added 2014/05/11 9:0 p.m.171 views

CVE-2014-3122

CVE-2014-3122 affects the Linux kernel local memory-management path. The advisory centers on the try_to_unmap_cluster function in mm/rmap.c, where the code path did not consistently lock pages, enabling a local user to trigger a memory-usage pattern that can force removal of page-table mappings a...

4.9CVSS5.8AI score0.00545EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.159 views

CVE-2014-3610

CVE-2014-3610 is a Linux kernel KVM WRMSR emulation flaw present up to and including 3.17.2. The issue arises when guest writes a non-canonical value to a model-specific register, causing the host to crash (DoS). It is tied to wrmsr_interception (arch/x86/kvm/svm.c) and handle_wrmsr (arch/x86/kvm...

5.5CVSS5.9AI score0.00595EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.155 views

CVE-2014-3690

CVE-2014-3690 affects arch/x86/kvm/vmx.c in the Linux kernel’s KVM subsystem on Intel, where the CR4 control register value may not be preserved across VM entries. The vendor-provided details in connected Nessus advisories describe a local attacker with access to /dev/kvm who can kill arbitrary p...

5.5CVSS6AI score0.00515EPSS
CVE
CVE
added 2014/04/14 11:0 p.m.151 views

CVE-2014-0077

CVE-2014-0077 concerns the Linux kernel component drivers/vhost/net.c . When mergeable buffers are disabled, the code path does not properly validate packet lengths, enabling a guest OS user to trigger a memory corruption that could cause a host crash or, per wording, potentially gain privileges ...

5.5CVSS6.6AI score0.00816EPSS
CVE
CVE
added 2014/05/11 9:0 p.m.151 views

CVE-2014-1737

CVE-2014-1737 affects the Linux kernel (through 3.14.3) and its floppy driver (drivers/block/floppy.c). The flaw is in raw_cmd_copyin not handling error conditions during processing of an FDRAWCMD ioctl, enabling local users with write access to /dev/fd to trigger kfree and potentially gain privi...

7.2CVSS6.2AI score0.00489EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.151 views

CVE-2014-4608

CVE-2014-4608 refers to multiple integer overflows in the LZO decompressor (lzo1x_decompress_safe) in the Linux kernel before 3.15.2, which can cause memory corruption and denial of service via a crafted Literal Run. Some advisories note the Linux kernel is not affected (media hype), while securi...

7.5CVSS5.7AI score0.05421EPSS
In wild
CVE
CVE
added 2014/02/28 2:0 a.m.149 views

CVE-2014-1874

The CVE-2014-1874 entry is about the Linux kernel vulnerability in security/selinux/ss/services.c: the security_context_to_sid_core function before 3.13.4 allows local users with CAP_MAC_ADMIN to set a zero-length security context, causing a denial of service (system crash). Affected product: Lin...

4.9CVSS5.9AI score0.006EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.140 views

CVE-2014-4653

Summary (CVE-2014-4653) : The ALSA control implementation in the Linux kernel has a race/lock handling issue in sound/core/control.c. It does not ensure possession of a read/write lock, enabling a local attacker to trigger a denial of service (use-after-free) and to potentially read kernel memory...

4.6CVSS5.1AI score0.00498EPSS
CVE
CVE
added 2014/02/28 2:0 a.m.137 views

CVE-2014-0069

The CVE-2014-0069 entry affects the Linux kernel (fs/cifs/file.c: cifs_iovec_write) up to version 3.13.5. The vulnerability stems from improper handling of uncached write operations that copy fewer bytes than requested, enabling local users to read kernel memory (information disclosure), cause me...

7.2CVSS6.5AI score0.00414EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.134 views

CVE-2014-4656

CVE-2014-4656 affects the Linux kernel ALSA sound control (sound/core/control.c). The vulnerability arises from multiple integer overflows in ALSA control handling, exploitable by local users via /dev/snd/controlCX to cause a denial of service. The issue is tied to (1) index values in snd_ctl_add...

4.6CVSS5.6AI score0.005EPSS
Web
CVE
CVE
added 2014/04/14 11:0 p.m.131 views

CVE-2014-2706

CVE-2014-2706 describes a race condition in the Linux kernel’s mac80211 subsystem (sta_info.c and tx.c) that, when handling network traffic in conjunction with the WLAN_STA_PS_STA (power-save) state, can cause a remote denial of service (system crash). The issue affects kernel versions prior to 3...

7.1CVSS7.8AI score0.04354EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.131 views

CVE-2014-4654

The CVE-2014-4654 issue affects the Linux kernel ALSA control implementation (snd_ctl_elem_add in sound/core/control.c). The root cause is a lack of authorization checks for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, allowing local attackers with access to /dev/snd/controlX to remove kernel controls....

4.6CVSS5.7AI score0.00498EPSS
Web
CVE
CVE
added 2014/03/24 10:0 a.m.125 views

CVE-2013-7339

The CVE-2013-7339 issue affects the Linux kernel up to version 3.12.7 (fixed in 3.12.8) where the rds_ib_laddr_check function in net/rds/ib.c allows a local attacker to trigger a NULL pointer dereference via a bind(2) call on an RDS socket on systems without RDS transports. This can cause a denia...

4.7CVSS6.1AI score0.00476EPSS
CVE
CVE
added 2014/02/15 11:0 a.m.124 views

CVE-2012-6638

CVE-2012-6638 (Linux kernel) affects the tcp_rcv_state_process in net/ipv4/tcp_input.c and can cause a DoS due to a flood of SYN+FIN packets. The vulnerability exists in kernels before 3.2.24 and is fixed in the 3.2.24 update (per ChangeLog-3.2.24). Exploitation is described as remote and results...

7.8CVSS8.3AI score0.03336EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.123 views

CVE-2014-4652

CVE-2014-4652 affects the Linux kernel ALSA sound subsystem. A race condition in the tlv handler (snd_ctl_elem_user_tlv) within sound/core/control.c before version 3.15.2 allows local users to read kernel memory via /dev/snd/controlCX. Impact is partial confidentiality of kernel memory. The vulne...

1.9CVSS5.6AI score0.00335EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.123 views

CVE-2014-4655

CVE-2014-4655 affects the Linux kernel ALSA control path: snd_ctl_elem_add in sound/core/control.c does not correctly maintain user_ctl_count, enabling a local DoS via a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE calls to /dev/snd/controlCX. Affected: Linux kernel prior to 3.15.2 (ALSA control ...

4.9CVSS5.8AI score0.00494EPSS
CVE
CVE
added 2014/06/23 10:0 a.m.117 views

CVE-2014-1739

CVE-2014-1739 affects the Linux kernel before 3.14.6, where the function media_device_enum_entities in drivers/media/media-device.c fails to initialize a data structure. This leads to an information disclosure vulnerability: a local attacker with access to /dev/media0 can read kernel memory throu...

2.1CVSS5.5AI score0.01121EPSS
Web
CVE
CVE
added 2014/09/28 10:0 a.m.117 views

CVE-2014-3185

CVE-2014-3185 affects the Linux kernel’s Whiteheat USB Serial Driver (drivers/usb/serial/whiteheat.c). The vulnerability allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by presenting a crafted USB device that suppli...

6.9CVSS6.7AI score0.00596EPSS
CVE
CVE
added 2014/08/01 10:0 a.m.114 views

CVE-2014-3534

CVE-2014-3534 (Linux kernel, s390) : The vulnerability in arch/s390/kernel/ ptrace.c allows a local user to bypass restrictions on address-space control with PTRACE_POKEUSR_AREA, gaining read/write access to kernel memory and potentially elevation of privileges via a crafted ptrace call. Affected...

7.2CVSS5.6AI score0.00469EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.113 views

CVE-2014-4611

CVE-2014-4611 concerns an integer overflow in the LZ4 implementation used in Yann Collet LZ4 prior to r118 and in the Linux kernel’s lz4_decompress.c (linux kernel before 3.15.2) on 32-bit platforms. A crafted Literal Run can trigger improper handling, enabling context-dependent attackers to caus...

5CVSS7.7AI score0.08103EPSS
In wild
CVE
CVE
added 2014/07/03 1:0 a.m.113 views

CVE-2014-4667

CVE-2014-4667 affects the Linux kernel: the sctp_association_free function in net/sctp/associola.c before version 3.15.2 fails to properly manage a specific backlog value, enabling remote attackers to trigger a denial of service (socket outage) via a crafted SCTP packet. The vulnerability is root...

5CVSS5.2AI score0.05926EPSS
CVE
CVE
added 2014/06/23 10:0 a.m.112 views

CVE-2014-4027

CVE-2014-4027 affects the Linux kernel prior to 3.14. The flaw is in the rd_build_device_space function (drivers/target/target_core_rd.c), where a data structure is not properly initialized, enabling local users to read sensitive information from ramdisk_mcp memory by abusing access to a SCSI ini...

2.3CVSS6.6AI score0.0065EPSS
CVE
CVE
added 2014/06/23 10:0 a.m.110 views

CVE-2014-4014

The CVE-2014-4014 issue is a Linux kernel local privilege escalation affecting versions before 3.14.8. The root cause is that namespaces are inapplicable to inodes, allowing a local user who creates a user namespace to bypass chmod restrictions by setting the setgid bit on a file with root group ...

6.2CVSS5.9AI score0.03303EPSS
CVE
CVE
added 2014/04/14 11:0 p.m.106 views

CVE-2014-0155

The CVE-2014-0155 entry concerns the Linux kernel up to 3.14.1, where the ioapic_deliver function in virt/kvm/ioapic.c does not properly validate the return value of kvm_irq_delivery_to_apic. This can allow a guest OS user to trigger a host OS denial of service (host crash) via a crafted entry in...

5.5CVSS5.8AI score0.00984EPSS
CVE
CVE
added 2014/02/28 2:0 a.m.106 views

CVE-2014-2038

CVE-2014-2038 affects the Linux kernel via the nfs_can_extend_write flaw in fs/nfs/write.c (before 3.13.3). The vulnerability relies on a write delegation to extend a write operation without an up‑to‑date verification, enabling local attackers to obtain sensitive kernel memory data by writing to ...

2.1CVSS6.7AI score0.00414EPSS
CVE
CVE
added 2014/03/11 1:0 a.m.103 views

CVE-2014-0049

CVE-2014-0049 affects the Linux kernel up to version 3.13.5 via a buffer overflow in the complete_emulated_mmio path of arch/x86/kvm/x86.c. The flaw allows a guest OS user to trigger an invalid memory copy that can lead to arbitrary code execution on the host. The published fix is in Linux kernel...

7.4CVSS6.9AI score0.00775EPSS
CVE
CVE
added 2014/02/28 2:0 a.m.103 views

CVE-2014-1690

The vulnerability CVE-2014-1690 affects the Linux kernel’s net/netfilter/nf_nat_irc.c before 3.12.8. An IRC DCC session with incorrect NAT mangle data can allow a remote attacker to read kernel memory. Impact is information disclosure; exploitation context is remote over the network. The fixed ve...

2.6CVSS6.7AI score0.03849EPSS
CVE
CVE
added 2014/09/28 10:0 a.m.98 views

CVE-2014-3182

CVE-2014-3182 affects the Linux kernel up to version 3.16.1, where an array index error in the logi_dj_raw_event function of drivers/hid/hid-logitech-dj.c can be exploited by a physically proximate attacker using a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value to execute arbitrary code or cau...

6.9CVSS6.5AI score0.00428EPSS
CVE
CVE
added 2014/09/28 10:0 a.m.98 views

CVE-2014-6416

CVE-2014-6416 describes a buffer overflow in net/ceph/auth_x.c used by Ceph within the Linux kernel prior to 3.16.3. An unencrypted, long auth ticket can be exploited remotely to trigger memory corruption and a kernel panic (DoS). Connected advisories reiter the same root cause and impact. Remedi...

7.8CVSS8.1AI score0.06167EPSS
CVE
CVE
added 2014/06/23 10:0 a.m.96 views

CVE-2014-0203

CVE-2014-0203 affects the Linux kernel up to version 2.6.32.x, where the __do_follow_link function in fs/namei.c mishandles the last pathname component for certain filesystems, enabling a local attacker to trigger a denial of service (incorrect free operations and system crash) via an open() call...

5.5CVSS4.9AI score0.00538EPSS
CVE
CVE
added 2014/04/01 1:0 a.m.92 views

CVE-2014-2673

CVE-2014-2673 : Linux kernel TM implementation on PowerPC has a flaw in arch_dup_task_struct interacting with clone/fork. In kernels before 3.13.7, this can allow a local user to trigger a denial of service (Program Check and system crash) by executing instructions while the processor is in Trans...

4.7CVSS6.8AI score0.00401EPSS
CVE
CVE
added 2014/02/28 2:0 a.m.88 views

CVE-2014-2039

CVE-2014-2039 affects the Linux kernel on s390 where arch/s390/kernel/head64.S mishandles attempts to use the linkage stack, enabling local users to crash the system (denial of service) by executing a crafted instruction. The linked Nessus/MiracleUnity/EulerOS advisories confirm the issue exists ...

4.9CVSS5.7AI score0.00456EPSS
CVE
CVE
added 2014/10/13 10:0 a.m.88 views

CVE-2014-7283

The vulnerability CVE-2014-7283 affects the Linux kernel xfs implementation: xfs_da3_fixhashpath in fs/xfs/xfs_da_btree.c fails to compare btree hash values correctly, before 3.14.2. This can allow local users to trigger filesystem corruption and OOPs/panic via operations on directories with hash...

4.9CVSS5AI score0.00546EPSS
CVE
CVE
added 2014/08/01 10:0 a.m.83 views

CVE-2014-5045

CVE-2014-5045 – Linux kernel mountpoint_last bug (pre-3.15.8) Affected: Linux kernel versions prior to 3.15.8.Root cause: The mountpoint_last function in fs/namei.c does not properly maintain a reference count when unmount is used in conjunction with a symlink.Impact: Local users could cause deni...

6.2CVSS6.4AI score0.00487EPSS
CVE
CVE
added 2014/06/23 10:0 a.m.75 views

CVE-2014-4157

CVE-2014-4157 affects the Linux kernel on MIPS up to 3.14.8. The fast system-call path does not configure _TIF_SECCOMP checks, letting local attackers bypass PR_SET_SECCOMP restrictions by running a crafted app without trace/audit. Impact: partial confidentiality, integrity, and availability (loc...

4.6CVSS7.8AI score0.00511EPSS
CVE
CVE
added 2014/09/28 10:0 a.m.75 views

CVE-2014-6417

CVE-2014-6417 affects net/ceph/auth_x.c in Ceph usage within the Linux kernel prior to 3.16.3. The issue arises from not handling kmalloc failure, enabling a remote attacker to cause a denial of service (system crash) or potentially other impact via a long unencrypted auth ticket. Public advisori...

7.8CVSS7.6AI score0.05244EPSS
CVE
CVE
added 2014/09/28 10:0 a.m.71 views

CVE-2014-6418

Summary of CVE-2014-6418 — firmware/driver component: In Ceph usage within the Linux kernel, net/ceph/auth_x.c handles auth replies and, prior to kernel 3.16.3, fails to properly validate them. This can be triggered by crafted data arriving from a Ceph Monitor IP address, potentially causing a de...

7.1CVSS7.7AI score0.04881EPSS