Lucene search
K

39 matches found

CVE
CVE
added 2017/05/10 4:0 p.m.3271 views

CVE-2017-8890

CVE-2017-8890 is a Linux kernel vulnerability affecting the IPv4 networking stack. The issue is a double free in inet_csk_clone_lock() in net/ipv4/inet_connection_sock.c, which can be triggered via the accept() system call and leads to a denial of service (kernel memory corruption/crash). The Cen...

7.8CVSS7.9AI score0.01372EPSS
CVE
CVE
added 2017/02/18 9:40 p.m.373 views

CVE-2017-6074

CVE-2017-6074 affects the Linux kernel up to 4.9.11, where dccp_rcv_state_process in net/dccp/input.c mishandles DCCP_PKT_REQUEST data in LISTEN state. This can allow a local user to gain root privileges or trigger a denial of service (double free) via an application using IPV6_RECVPKTINFO setsoc...

7.8CVSS7.3AI score0.0596EPSS
CVE
CVE
added 2017/07/11 11:0 p.m.367 views

CVE-2017-11176

CVE-2017-11176 is a local vulnerability in the Linux kernel’s Netlink mq_notify path. The issue arises because mq_notify does not set the sock pointer to NULL when entering retry logic, enabling a use-after-free scenario during a user-space close of a Netlink socket. Public sources describe poten...

7.8CVSS7.8AI score0.03631EPSS
CVE
CVE
added 2017/12/07 7:0 p.m.346 views

CVE-2017-1000410

Summary of CVE-2017-1000410 (Linux kernel info leak) : The vulnerability affects Linux kernel 3.3-rc1 and later in how L2CAP ConfigRequest/ConfigResponse are parsed. A stack variable (struct l2cap_conf_efs efs) is declared uninitialized and, depending on parsing flow and input, can be leaked back...

7.5CVSS7.1AI score0.04252EPSS
CVE
CVE
added 2017/04/28 10:0 a.m.339 views

CVE-2017-7895

CVE-2017-7895 affects the Linux kernel NFSv2/v3 server (fs/nfsd/nfs3xdr.c, fs/nfsd/nfsxdr.c). A remote attacker can craft requests that bypass end-of-buffer checks, triggering pointer-arithmetic errors or other unspecified impacts. Affected kernels include up to 4.10.13; remediation is to upgrade...

10CVSS9.7AI score0.1081EPSS
CVE
CVE
added 2017/08/19 6:0 p.m.316 views

CVE-2017-10661

CVE-2017-10661 is a race condition in Linux kernel timerfd (fs/timerfd.c) that affects versions before 4.10.15. The flaw arises from improper protection of the might_cancel queue during concurrent timerfd operations, enabling local attackers to cause a denial of service or gain privileges via lis...

7.6CVSS7.2AI score0.13378EPSS
CVE
CVE
added 2017/11/15 9:0 p.m.294 views

CVE-2017-15115

CVE-2017-15115: Linux kernel prior to 4.14 allows local users to trigger a denial of service (use-after-free in sctp_do_peeloff in net/sctp/socket.c) via crafted system calls. Impact is system crash; no explicit exploit details provided in the documents beyond this. The IBM bulletin references th...

7.8CVSS7.7AI score0.0047EPSS
CVE
CVE
added 2017/12/20 11:0 p.m.291 views

CVE-2017-17807

CVE-2017-17807 : Linux kernel KEYS subsystem vulnerability where the request_key() path can bypass access control when adding a key to the current task’s default request-key keyring. An unpatched kernel (pre-4.14.6) could allow a local attacker to craft a sequence of system calls to insert keys i...

3.3CVSS5AI score0.0042EPSS
CVE
CVE
added 2017/04/17 12:0 a.m.273 views

CVE-2017-7889

CVE-2017-7889 affects the Linux kernel mm subsystem (up to 3.2); a local attacker with access to /dev/mem can read/write kernel memory due to CONFIG_STRICT_DEVMEM not being properly enforced in arch/x86/mm/init.c and drivers/char/mem.c. Public details: Debian security advisories show fixes (e.g.,...

7.8CVSS7.1AI score0.00308EPSS
CVE
CVE
added 2017/05/19 2:0 p.m.264 views

CVE-2017-9077

CVE-2017-9077 : The Linux kernel's tcp_v6_syn_recv_sock in net/ipv6/tcp_ipv6.c mishandles inheritance, enabling a local attacker to cause a denial of service via crafted system calls. The connected CentOS/CSA entries corroborate kernel-level impact and note security updates; no remote exploit det...

7.8CVSS7.9AI score0.00724EPSS
CVE
CVE
added 2017/03/19 6:0 p.m.262 views

CVE-2017-7184

The CVE-2017-7184 issue affects the Linux kernel xfrm subsystem, where xfrm_replay_verify_len in net/xfrm/xfrm_user.c up to 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, enabling a local attacker with CAP_NET_ADMIN to cause a heap-based out-of-bounds access and potent...

7.8CVSS7.3AI score0.01798EPSS
CVE
CVE
added 2017/10/16 6:0 p.m.257 views

CVE-2017-15265

CVE-2017-15265 is a race condition in the ALSA sequencer subsystem of the Linux kernel, up to version 4.13.8. A local attacker can trigger a use-after-free via crafted /dev/snd/seq ioctl calls, leading to denial of service (crash) or potentially other impacts. The vulnerability is fixed in the up...

7CVSS7.4AI score0.00377EPSS
CVE
CVE
added 2017/04/18 2:0 p.m.247 views

CVE-2017-7645

The CVE-2017-7645 issue affects the Linux kernel NFSv2/v3 server (nfsd) and is triggered by processing long RPC replies. The root cause is an out-of-bounds memory access in the NFS server paths (net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, fs/nfsd/nfsxdr.c) that can lead to a system crash (DoS). Affected...

7.8CVSS7.9AI score0.05905EPSS
CVE
CVE
added 2017/05/19 6:25 a.m.241 views

CVE-2017-9076

CVE-2017-9076 is a Linux kernel issue reported in the CentOS/Red Hat advisory set (CESA-2018:1854) tied to the IPv6 DCCP implementation. The vulnerability arises from mishandling of inheritance in the IPv6 DCCP code, allowing a local attacker to cause a denial of service or possibly other unspeci...

7.8CVSS7.9AI score0.00366EPSS
CVE
CVE
added 2017/05/19 6:25 a.m.240 views

CVE-2017-9075

CVE-2017-9075 affects the Linux kernel network subsystem: the sctp_v6_create_accept_sk function in net/sctp/ipv6.c mishandles inheritance, enabling a local attacker to cause a denial of service (and possibly other effects) via crafted system calls. Connected CentOS Red Hat advisories (e.g., CESA/...

7.8CVSS7.9AI score0.00366EPSS
CVE
CVE
added 2017/05/19 6:25 a.m.222 views

CVE-2017-9074

Affected software: Linux kernel IPv6 fragmentation code. Root cause: nexthdr field may be associated with an invalid option, leading to an out-of-bounds read/BUG via crafted socket and send calls. Impact: local denial of service and potential unspecified effects (information leakage/compromise as...

7.8CVSS7.8AI score0.00419EPSS
CVE
CVE
added 2017/12/20 11:0 p.m.207 views

CVE-2017-17806

CVE-2017-17806 affects the Linux kernel before 4.14.8. The HMAC implementation (crypto/hmac.c) does not validate that the underlying hash algorithm is unkeyed, allowing a local attacker who can use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and SHA-3 (CONFIG_CRYPTO_SHA3) to tri...

7.8CVSS7.4AI score0.00561EPSS
CVE
CVE
added 2017/11/22 6:0 p.m.201 views

CVE-2017-12193

CVE-2017-12193 affects the Linux kernel: the function assoc_array_insert_into_terminal_node in lib/assoc_array.c mishandles node splitting, leading to a NULL pointer dereference and kernel panic via a crafted application. The vulnerability is in kernels prior to 4.13.11, enabling local attackers ...

5.5CVSS5.8AI score0.00451EPSS
CVE
CVE
added 2017/05/02 9:0 p.m.195 views

CVE-2014-9940

CVE-2014-9940 affects the Linux kernel regulator_ena_gpio_free function in drivers/regulator/core.c, with exploitation possible through local access to gain privileges or cause a denial of service via a use-after-free. Affected condition is kernel versions before 3.19. Impact per sources is high ...

7.6CVSS6.6AI score0.01613EPSS
CVE
CVE
added 2017/02/07 7:2 a.m.181 views

CVE-2016-10044

CVE-2016-10044 is supported by connected advisories: the Linux kernel up to version 4.7.7 contains a vulnerability in the aio_mount path. Specifically, the aio_mount function in fs/aio.c did not properly restrict execute access, enabling local users to bypass SELinux W^X policy and gain privilege...

7.8CVSS7.3AI score0.00299EPSS
CVE
CVE
added 2017/03/20 2:0 p.m.172 views

CVE-2017-7187

The CVE-2017-7187 issue affects the Linux kernel sg_ioctl in drivers/scsi/sg.c, where a large SG_NEXT_CMD_LEN ioctl can trigger a stack-based buffer overflow, leading to a DoS or potentially other impact via out-of-bounds writes in sg_write. Descriptions across connected sources (CNVD-2017-03858)...

7.8CVSS7.9AI score0.00414EPSS
CVE
CVE
added 2017/11/27 7:0 p.m.167 views

CVE-2017-16994

The CVE-2017-16994 vulnerability affects the Linux kernel’s walk_hugetlb_range function in mm/pagewalk.c, where holes in hugetlb ranges are mishandled. This allows a local attacker to obtain sensitive information from uninitialized kernel memory via a crafted mincore() call. Public sources attrib...

5.5CVSS5.5AI score0.02084EPSS
CVE
CVE
added 2017/07/20 4:0 a.m.164 views

CVE-2017-11473

CVE-2017-11473 describes a buffer overflow in the Linux kernel, specifically in arch/x86/kernel/acpi/boot.c::mp_override_legacy_irq(), up to version 3.2. An attacker with local access can escalate privileges by presenting a crafted ACPI table. Exploitation is local and does not require user inter...

7.8CVSS7.2AI score0.00412EPSS
CVE
CVE
added 2017/05/14 10:0 p.m.160 views

CVE-2017-7487

The CVE-2017-7487 issue is in the Linux kernel net/ipx/af_ipx.c ipxitf_ioctl: reference count mishandling causes a use-after-free via a failed SIOCGIFADDR on an IPX interface, enabling local denial of service. Evidence in connected Nessus advisories confirms the vulnerability and that it affects ...

7.8CVSS7.5AI score0.00395EPSS
CVE
CVE
added 2017/02/24 3:0 p.m.159 views

CVE-2017-5669

The vulnerability CVE-2017-5669 affects the Linux kernel’s do_shmat() in ipc/shm.c up to and including 4.9.12, where the rounding operation on the mapped address is not restricted. This allows local (privileged) users to map page zero and bypass the mmap protection mechanism via crafted shmget/sh...

7.8CVSS6.4AI score0.004EPSS
CVE
CVE
added 2017/11/04 1:0 a.m.154 views

CVE-2017-16526

CVE-2017-16526 affects the Linux kernel driver code drivers/uwb/uwbd.c up to version 4.13.5; a crafted USB device could trigger a general protection fault and system crash via local access, potentially causing denial of service or other impact. The connected Unity Linux advisories (UTSA-2026-0016...

7.8CVSS7.4AI score0.00323EPSS
CVE
CVE
added 2017/11/30 6:0 p.m.148 views

CVE-2017-15116

CVE-2017-15116 affects the Linux kernel rngapi_reset() in crypto/rng.c, vulnerable before version 4.2. The issue allows a local attacker to trigger a NULL pointer dereference, causing a denial of service. Connected Nessus advisories (Unity Linux and EulerOS entries) reiterate the same description...

5.5CVSS6.3AI score0.00377EPSS
CVE
CVE
added 2017/11/04 1:0 a.m.146 views

CVE-2017-16533

CVE-2017-16533 affects the Linux kernel’s usbhid_parse() in drivers/hid/usbhid/hid-core.c up to and including version 4.13.7; a crafted USB device can cause an out-of-bounds read, leading to local denial of service or a crash. Affected component: HID USB host controller driver (usbhid). Root caus...

7.2CVSS6.7AI score0.00383EPSS
CVE
CVE
added 2017/11/04 1:0 a.m.141 views

CVE-2017-16532

CVE-2017-16532: A vulnerability in the Linux kernel ≤ 4.13.11 affects the get_endpoints function in drivers/usb/misc/usbtest.c, enabling local users to trigger a denial of service via a crafted USB device, through a NULL pointer dereference and potential system crash. The issue is triggered by a ...

7.2CVSS6.9AI score0.004EPSS
CVE
CVE
added 2017/11/04 1:0 a.m.139 views

CVE-2017-16529

CVE-2017-16529 affects the Linux kernel’s snd_usb_create_streams in sound/usb/card.c, allowing a local attacker to trigger an out-of-bounds read and system crash via a crafted USB device, with impact described as a denial of service and potentially other effects. The issue is present in kernels p...

7.2CVSS6.7AI score0.00398EPSS
CVE
CVE
added 2017/11/04 1:0 a.m.136 views

CVE-2017-16530

CVE-2017-16530 affects the Linux kernel uas driver (drivers/usb/storage/uas.c; uas-detect.h). The issue allows a local user to trigger a denial of service or potentially other impact via a crafted USB device, caused by an out-of-bounds read. Affected condition is the uas driver in the kernel prio...

7.2CVSS6.6AI score0.00386EPSS
CVE
CVE
added 2017/11/04 1:0 a.m.134 views

CVE-2017-16527

CVE-2017-16527 affects the Linux kernel component sound/usb/mixer.c, vulnerable before version 4.13.8. A crafted USB device can trigger a snd_usb_mixer_interrupt use-after-free, causing denial of service or system crash. Exploitation vectors are local to physical USB device interaction. The conne...

7.2CVSS6.7AI score0.00379EPSS
CVE
CVE
added 2017/11/04 1:0 a.m.134 views

CVE-2017-16531

CVE-2017-16531 affects the Linux kernel before 4.13.6, where the driver/usb/core/config.c path allows a local user to trigger an out-of-bounds read via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor. Exploitation could cause a denial of service (kernel crash) and pot...

7.2CVSS6.7AI score0.00398EPSS
CVE
CVE
added 2017/11/15 9:0 p.m.125 views

CVE-2017-15102

CVE-2017-15102 originates from the Linux kernel prior to 4.8.1, where the tower_probe function in drivers/usb/misc/legousbtower.c can be exploited locally by a near-physically proximate attacker via a crafted USB device. The issue is triggered by a write-what-where condition that arises after a r...

6.9CVSS6.2AI score0.00391EPSS
CVE
CVE
added 2017/08/19 6:0 p.m.116 views

CVE-2017-10662

The CVE-2017-10662 issue affects the Linux kernel’s F2FS implementation: the sanity_check_raw_super function in fs/f2fs/super.c fails to validate the segment count, enabling local privilege escalation. Concretely, affected versions are before 4.11.1. Several connected advisories (e.g., UTSA/Euler...

7.8CVSS7.2AI score0.00465EPSS
CVE
CVE
added 2017/06/28 6:0 a.m.95 views

CVE-2017-9985

CVE-2017-9985 is a local double-fetch vulnerability in the Linux kernel (snd_msndmidi_input_read in sound/isa/msnd/msnd_midi.c) affecting up to version 4.11.7. Exploitation can cause denial of service (over-boundary access) with potential unspecified impact. Public references in Nessus/OpenVAS/U-...

7.8CVSS7.5AI score0.00331EPSS
CVE
CVE
added 2017/05/02 9:0 p.m.94 views

CVE-2015-9004

CVE-2015-9004 affects the Linux kernel up to version 3.18 (pre-3.19). The flaw is in kernel/events/core.c where improper handling of counter grouping enables local privilege escalation via crafted apps, involving perf_pmu_register and perf_event_open. The impact is local Privilege Escalation with...

9.3CVSS7.2AI score0.00845EPSS
CVE
CVE
added 2017/06/28 6:0 a.m.81 views

CVE-2017-9984

The CVE-2017-9984 issue affects the Linux kernel’s snd_msnd_interrupt path (sound/isa/msnd/msnd_pinnacle.c) and is a local, double-fetch vulnerability that can allow over-boundary access to a message queue head pointer, potentially enabling DoS or other impact. The advisory notes vulnerable until...

7.8CVSS7.5AI score0.00378EPSS
CVE
CVE
added 2017/10/29 6:0 a.m.61 views

CVE-2006-5331

CVE-2006-5331 affects the Linux kernel on 64-bit PowerPC systems. The altivec_unavailable_exception function mishandles the path where CONFIG_ALTIVEC is defined and the CPU supports Altivec, but Altivec support was not detected by the kernel, enabling a local user to trigger an Altivec instructio...

5.5CVSS5.2AI score0.00432EPSS