Lucene search
+L

16 matches found

CVE
CVE
added 2015/08/31 10:0 a.m.232 views

CVE-2015-5157

CVE-2015-5157 affects the Linux kernel prior to 4.1.6 on x86_64. The issue is in arch/x86/entry/entry_64.S where IRET faults during NMIs that occur in userspace are mishandled, potentially allowing a local user to gain privileges. The vulnerability is described in several connected advisories as ...

7.2CVSS5.7AI score0.00624EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.201 views

CVE-2015-5364

The CVE-2015-5364 issue affects the Linux kernel prior to 4.0.6, where udp_recvmsg/udpv6_recvmsg fail to handle processor yielding correctly, enabling remote attackers to trigger a denial of service (system hang) via UDP packet flood with incorrect checksums. Related CVE-2015-5366 also concerns U...

7.8CVSS5.7AI score0.06267EPSS
CVE
CVE
added 2015/12/28 11:0 a.m.196 views

CVE-2015-8543

CVE-2015-8543 affects the Linux kernel networking stack (up to version 4.3.3 as used in Android and others). The issue: the networking implementation does not validate protocol identifiers for certain protocol families, enabling local users to cause a NULL pointer dereference and system crash, wi...

7CVSS7AI score0.0122EPSS
CVE
CVE
added 2015/01/09 9:0 p.m.178 views

CVE-2014-9584

CVE-2014-9584 affects the Linux kernel where the function parse_rock_ridge_inode_internal in fs/isofs/rock.c does not validate a length value in the ER System Use Field, enabling local users to obtain sensitive kernel memory via a crafted iso9660 image. This vulnerability exists in kernels before...

2.1CVSS4.5AI score0.00461EPSS
CVE
CVE
added 2015/05/27 10:0 a.m.178 views

CVE-2015-3331

CVE-2015-3331 affects the Linux kernel up to 3.19.2, where __driver_rfc4106_decrypt in arch/x86/crypto/aesni-intel_glue.c mishandles memory locations for encrypted data, enabling a context-dependent attacker to trigger a buffer overflow via a crypto API call (e.g., with a libkcapi test program us...

9.3CVSS6.6AI score0.10108EPSS
CVE
CVE
added 2015/11/16 11:0 a.m.172 views

CVE-2015-2925

The vulnerability CVE-2015-2925 affects the Linux kernel prior to 4.2.4, specifically the prepend_path function in fs/dcache.c. It allows a local attacker to bypass container protections by renaming a directory inside a bind mount, enabling a double-chroot-style escape. The impact is enabling pri...

6.9CVSS5.8AI score0.01246EPSS
CVE
CVE
added 2015/01/09 9:0 p.m.165 views

CVE-2014-9529

CVE-2014-9529: A race condition in Linux kernel key garbage collection (key_gc_unused_keys in security/keys/gc.c) up to 3.18.2 can enable local users to cause DoS or memory corruption during key garbage collection via keyctl. Connected advisory confirms kernel upstream fix and lists commit a3a878...

6.9CVSS6.2AI score0.00336EPSS
CVE
CVE
added 2015/10/19 10:0 a.m.156 views

CVE-2015-7613

CVE-2015-7613 is a Linux kernel race condition in the IPC object implementation (up to version 4.2.3) that can allow a local unprivileged user to escalate privileges by triggering ipc_addid, which uses uid/gid values from uninitialized data (topics include msg.c, shm.c, util.c). Connected sources...

6.9CVSS6.1AI score0.00412EPSS
CVE
CVE
added 2015/03/02 11:0 a.m.154 views

CVE-2014-8160

CVE-2014-8160 : In the Linux kernel, net/netfilter/nf_conntrack_proto_generic.c before 3.18 generates incorrect conntrack entries when handling certain iptables rule sets for SCTP, DCCP, GRE, and UDP-Lite. This can allow remote attackers to bypass intended access restrictions by sending packets w...

5CVSS5.7AI score0.05489EPSS
CVE
CVE
added 2015/03/02 11:0 a.m.147 views

CVE-2015-0239

CVE-2015-0239 affects the Linux kernel KVM emulation path (arch/x86/kvm/emulate.c). If a guest OS does not initialize SYSENTER MSRs, em_sysenter can trigger using a 16‑bit code segment to emulate SYSENTER, allowing a guest OS user to gain guest privileges or cause a guest crash. The vulnerability...

4.4CVSS5.7AI score0.00643EPSS
CVE
CVE
added 2015/03/02 11:0 a.m.132 views

CVE-2014-9644

CVE-2014-9644 affects the Linux kernel Crypto API prior to 3.18.5. It allows a local user to load arbitrary kernel modules by abusing a bind() call on an AF_ALG socket with a module template expression (eg, vfat(aes)) in salg_name. This is a local, privilege-related issue, separate from CVE-2013-...

2.1CVSS5.7AI score0.00552EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.128 views

CVE-2015-3290

The connected Astra Linux bulletin describes CVE-2015-3290 in the Linux kernel context and confirms the vulnerability fix: limiting the Haswell performance counter period to mitigate NMI-related privilege escalation. It documents that the issue stemmed from a too-small initial frequency-estimatio...

7.2CVSS5.5AI score0.01103EPSS
CVE
CVE
added 2015/03/02 11:0 a.m.127 views

CVE-2013-7421

CVE-2013-7421 : Linux kernel Crypto API flaw allows a local user to load arbitrary kernel modules via a bind() on an AF_ALG socket with a salg_name, in kernels before 3.18.5. This is the same class as CVE-2014-9644 and is addressed by the 3.18.5 fix (ChangeLog-3.18.5). Connected IBM and vendor ad...

2.1CVSS5.7AI score0.00716EPSS
CVE
CVE
added 2015/08/31 8:0 p.m.117 views

CVE-2015-4036

CVE-2015-4036: An array index error in Linux kernel before 4.0 in drivers/vhost/scsi.c (tcm_vhost_make_tpg, renamed to vhost_scsi_make_tpg) can allow local guest OS users to cause a denial of service (memory corruption) or potentially other impact via a crafted VHOST_SCSI_SET_ENDPOINT IOCTL. Expl...

7.2CVSS7.5AI score0.00589EPSS
CVE
CVE
added 2015/06/07 11:0 p.m.110 views

CVE-2015-4002

CVE-2015-4002 affects the OZWPAN driver in the Linux kernel (drivers/staging/ozwpan/ozusbsvc1.c) up to version 4.0.5. The issue is a length-value handling flaw where certain length values are not sufficiently large, enabling remote attackers to cause a denial of service (system crash or large loo...

9CVSS7.8AI score0.08339EPSS
CVE
CVE
added 2015/05/27 10:0 a.m.107 views

CVE-2014-9710

CVE-2014-9710 affects the Linux kernel’s Btrfs xattr handling prior to 3.19. The vulnerability arises because the visible xattr state may not be consistent with a requested replacement, enabling local attackers to bypass ACLs and gain privileges through standard filesystem operations during an xa...

6.9CVSS7.1AI score0.00277EPSS