Linux Kernel@3.11 Security Vulnerabilities and Issues — Linux Kernel@3.11 CVE List

Lucene search

LinuxLinux Kernel3.11

21 matches found

CVE•added 2016/11/10 9:59 p.m.•2035 views

CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

7.2CVSS7.8AI score0.94176EPSS

In wild

CVE•added 2016/10/10 11:0 a.m.•365 views

CVE-2016-7117

Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

10CVSS9.3AI score0.04788EPSS

CVE•added 2016/02/08 3:59 a.m.•360 views

CVE-2016-0728

The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.

7.8CVSS6.5AI score0.5601EPSS

In wild

CVE•added 2016/07/03 9:59 p.m.•291 views

CVE-2016-4997

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value...

7.8CVSS7.5AI score0.05222EPSS

CVE•added 2016/12/28 7:59 a.m.•232 views

CVE-2016-9794

Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.

7.8CVSS7.6AI score0.00057EPSS

CVE•added 2016/11/28 3:59 a.m.•217 views

CVE-2016-9555

The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.

10CVSS9.6AI score0.32282EPSS

CVE•added 2016/12/08 8:59 a.m.•212 views

CVE-2016-8655

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

7.8CVSS7.6AI score0.40514EPSS

CVE•added 2016/11/16 5:59 a.m.•202 views

CVE-2016-7910

Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.

9.3CVSS7.4AI score0.00473EPSS

CVE•added 2016/05/23 10:59 a.m.•195 views

CVE-2016-4913

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs fil...

7.8CVSS7.4AI score0.00099EPSS

CVE•added 2016/11/16 5:59 a.m.•193 views

CVE-2016-7913

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.

9.3CVSS7.7AI score0.01071EPSS

CVE•added 2016/04/27 5:59 p.m.•191 views

CVE-2015-8812

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.

10CVSS9.4AI score0.07948EPSS

CVE•added 2016/12/30 6:59 p.m.•186 views

CVE-2016-10088

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /...

7CVSS7.2AI score0.00067EPSS

CVE•added 2016/06/27 10:59 a.m.•180 views

CVE-2016-5829

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

7.8CVSS7.8AI score0.00053EPSS

CVE•added 2016/05/23 10:59 a.m.•175 views

CVE-2016-4565

The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

7.8CVSS7.8AI score0.00238EPSS

CVE•added 2016/10/16 9:59 p.m.•172 views

CVE-2016-7425

The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control cod...

7.8CVSS7.4AI score0.00077EPSS

CVE•added 2016/04/27 5:59 p.m.•155 views

CVE-2015-8816

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact...

7.2CVSS7AI score0.00076EPSS

CVE•added 2016/11/16 5:59 a.m.•147 views

CVE-2016-7911

Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.

9.3CVSS7AI score0.00176EPSS

CVE•added 2016/05/23 10:59 a.m.•134 views

CVE-2016-4805

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net...

7.8CVSS7.7AI score0.00089EPSS

CVE•added 2016/06/27 10:59 a.m.•134 views

CVE-2016-5828

The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified ot...

7.8CVSS7.5AI score0.00108EPSS

CVE•added 2016/11/28 3:59 a.m.•127 views

CVE-2016-9083

drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state...

7.8CVSS7.4AI score0.00051EPSS

CVE•added 2016/07/03 9:59 p.m.•122 views

CVE-2016-3955

The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.

10CVSS9.2AI score0.12798EPSS