Lucene search
K
LinuxLinux Kernel3.19.8

30 matches found

CVE
CVE
added 2016/05/02 10:0 a.m.259 views

CVE-2015-1350

CVE-2015-1350 is confirmed in the Connected documents as a vulnerability in the Linux kernel VFS subsystem (3.x) where setattr operations underspecify removal of extended privilege attributes. This can allow local users to cause a denial of service by stripping capabilities from specific processe...

5.5CVSS6.3AI score0.00489EPSS
CVE
CVE
added 2024/02/05 7:31 a.m.208 views

CVE-2024-24857

Summary (CVE-2024-24857) : A race condition in the Linux kernel’s net/bluetooth driver function conn_info_{min,max}age_set() may cause an integrity overflow, potentially causing Bluetooth connection abnormalities or DoS. Public sources place this as a kernel issue affecting the Bluetooth subsyste...

6.8CVSS7.3AI score0.00317EPSS
CVE
CVE
added 2024/02/05 7:30 a.m.185 views

CVE-2024-24858

CVE-2024-24858 describes a race condition in the Linux kernel's Bluetooth code (net/bluetooth) specifically in {conn,adv}_{min,max}_interval_set() that can cause I2cap connection or broadcast abnormalities, potentially leading to a denial of service. The Astra Linux security bulletin also referen...

5.3CVSS7AI score0.00325EPSS
CVE
CVE
added 2016/05/09 10:0 a.m.165 views

CVE-2015-0569

CVE-2015-0569 is a heap-based buffer overflow in the WLAN private wireless extensions IOCTL path (wlan_hdd_wext.c) of the Linux kernel 3.x–4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices. The vulnerability allows a local attacker to escalate privileges via ...

9.3CVSS7.5AI score0.06468EPSS
CVE
CVE
added 2024/02/05 7:28 a.m.150 views

CVE-2024-24859

CVE-2024-24859: A race condition in Linux kernel Bluetooth code (net/bluetooth sniff_min_interval_set and sniff_max_interval_set) can trigger a bluetooth sniffing exception and potential DoS. The connected Nessus/Azure Unity Unity Linux entries confirm this CVE across multiple distributions, but ...

4.8CVSS5.8AI score0.00712EPSS
CVE
CVE
added 2016/08/30 5:0 p.m.125 views

CVE-2016-5344

CVE-2016-5344 affects the MDSS driver in the Linux kernel 3.x, used in Qualcomm QuIC Android MSM contributions. The root cause is multiple integer overflows triggered by large size values in mdss_compat_utils.c, mdss_fb.c, and mdss_rotator.c, potentially causing denial of service and possibly oth...

9.8CVSS9.2AI score0.01734EPSS
CVE
CVE
added 2016/05/09 10:0 a.m.123 views

CVE-2015-0570

CVE-2015-0570 is a stack-based buffer overflow in the SET_WPS_IE IOCTL in wlan_hdd_hostapd.c of the Linux kernel WLAN driver (3.x/4.x), as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and similar products. Exploitation requires a crafted application with a long ...

9.3CVSS7.5AI score0.01751EPSS
CVE
CVE
added 2016/08/07 9:0 p.m.119 views

CVE-2015-0573

CVE-2015-0573 affects the Linux kernel 3.x TSC driver (drivers/media/platform/msm/broadcast/tsc.c) as used in Qualcomm Innovation Center (QuIC) Android MSM builds. The vulnerability is a use of the TSC_GET_CARD_STATUS ioctl that can trigger an invalid pointer dereference, leading to a denial of s...

9.8CVSS9.1AI score0.0168EPSS
CVE
CVE
added 2017/02/14 6:30 a.m.113 views

CVE-2017-5972

CVE-2017-5972 affects the Linux kernel 3.x TCP stack. The issue is that SYN cookies protection is not correctly applied for fast-network connection scenarios, enabling remote attackers to cause CPU denial of service by sending a flood of TCP SYN packets (as demonstrated against kernel-3.10.0 in C...

7.8CVSS7.1AI score0.2389EPSS
CVE
CVE
added 2016/08/07 9:0 p.m.109 views

CVE-2016-2063

CVE-2016-2063 is a stack-based overflow in the MSM Thermal driver for the Linux kernel 3.x. The vulnerability resides in supply_lm_input_write within drivers/thermal/supply_lm_core.c and can be triggered by sending a large amount of data via the debugfs interface, enabling a local attacker to cau...

7.8CVSS7.9AI score0.00459EPSS
CVE
CVE
added 2016/08/07 9:0 p.m.104 views

CVE-2016-2065

The CVE-2016-2065 entry concerns the MSM QDSP6 audio driver (sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c) in the Linux kernel 3.x, used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices. The flaw arises from incorrect use of a parameters pointer when handling an ioctl...

7.8CVSS8.2AI score0.01425EPSS
CVE
CVE
added 2016/05/02 10:0 a.m.104 views

CVE-2016-2853

CVE-2016-2853 – Linux kernel aufs Privilege Escalation : The vulnerability arises in the aufs module (Linux kernel 3.x/4.x) where mount namespace restrictions are insufficient. A local attacker can mount an aufs filesystem atop a FUSE filesystem and, by executing a crafted setuid program, escalat...

7.8CVSS7.3AI score0.00905EPSS
CVE
CVE
added 2016/12/08 9:0 p.m.101 views

CVE-2015-8967

From connected documents: CVE-2015-8967 affects the Linux kernel's arch/arm64/kernel/sys.c prior to version 4.0. Local users with write access can bypass the kernel’s strict page permissions and modify the system-call table to gain privileges, implying local privilege escalation. A patch/commit a...

9.3CVSS8AI score0.00833EPSS
CVE
CVE
added 2015/11/16 11:0 a.m.99 views

CVE-2015-7312

CVE-2015-7312 affects the Linux kernel 3.x/4.x via race conditions in the aufs aufs3-mmap.patch and aufs4-mmap.patch patches. The vulnerability allows local users to cause denial of service (use-after-free/BUG) or potentially gain privileges through madvise or msync calls, related to mm/madvise.c...

4.4CVSS5.8AI score0.00389EPSS
CVE
CVE
added 2016/05/02 10:0 a.m.98 views

CVE-2016-2854

CVE-2016-2854 concerns the AUFS module in the Linux kernel (versions 3.x/4.x), which does not properly maintain POSIX ACL xattr data. This can allow a local attacker to gain privileges by exploiting a group-writable setgid directory. The connected documents confirm the vulnerability and its local...

7.8CVSS7.3AI score0.0095EPSS
CVE
CVE
added 2016/05/05 9:0 p.m.96 views

CVE-2016-2062

The CVE-2016-2062 issue affects the Adreno GPU driver for the Linux kernel (3.x) as used in Qualcomm QuIC MSM Android contributions. The root cause is an incorrect integer data type in adreno_perfcounter_query_group within drivers/gpu/msm/adreno_perfcounter.c, which can lead to a denial of servic...

7.8CVSS7.8AI score0.00205EPSS
CVE
CVE
added 2016/07/11 1:0 a.m.93 views

CVE-2016-2067

CVE-2016-2067 affects the Linux kernel MSM GPU driver: drivers/gpu/msm/kgsl.c in the MSM graphics driver (QuIC Android contributions) for kernel 3.x. The root cause is mishandling of the KGSL_MEMFLAGS_GPUREADONLY flag, which can create accidental read/write mappings. This enables a local attacker...

9.3CVSS7.4AI score0.00679EPSS
CVE
CVE
added 2016/08/07 9:0 p.m.92 views

CVE-2014-9410

The CVE-2014-9410 entry affects the MSM-VFE31 driver for the Linux kernel 3.x (as used in Qualcomm Innovation Center Android contributions). The vulnerability is in vfe31_proc_general, which does not validate a specific id value, enabling a local attacker to gain privileges or cause memory corrup...

9.8CVSS8.8AI score0.01298EPSS
CVE
CVE
added 2016/08/07 9:0 p.m.90 views

CVE-2016-5340

CVE-2016-5340 is tied to a vulnerability in the KGSL Linux Graphics Module exposed by a QuIC Android patch for Linux kernel 3.x. The issue arises from the function is_ashmem_file in drivers/staging/android/ashmem.c, where pointer validation is mishandled. This design flaw can allow an attacker to...

7.8CVSS7.1AI score0.00303EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.89 views

CVE-2015-5706

CVE-2015-5706 is a local-use-after-free vulnerability in the Linux kernel (path_openat in fs/namei.c) affecting 3.x and 4.x before 4.0.4. An attacker can trigger a denial of service (and possibly other impact) via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation. Remedi...

4.6CVSS6AI score0.00436EPSS
CVE
CVE
added 2016/10/10 10:0 a.m.84 views

CVE-2016-5343

CVE-2016-5343 affects the Linux kernel driver drivers/soc/qcom/qdsp6v2/voice_svc.c (QDSP6v2 Voice Service) used in Qualcomm MSM Android contributions. The vulnerability is a buffer overflow in voice_svc_send_req triggered by a write request, which can cause memory corruption and enable a denial o...

9.8CVSS9.3AI score0.03304EPSS
CVE
CVE
added 2016/10/10 10:0 a.m.83 views

CVE-2015-0572

The CVE-2015-0572 entry concerns the ADSPRPC driver for the Linux kernel (drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c) used in Qualcomm QuIC MSM Android contributions and other devices. The issue is a race condition that can be exploited via the COMPAT_FASTRPC_IOCTL_INVOKE_FD ioctl, ...

7CVSS8.2AI score0.00287EPSS
CVE
CVE
added 2016/08/07 9:0 p.m.82 views

CVE-2016-2064

The CVE-2016-2064 entry concerns the MSM QDSP6 audio driver (Linux kernel 3.x) in sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c, used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices. The vulnerability arises from an ioctl handling flaw that allows a crafted applicatio...

7.8CVSS7.7AI score0.00576EPSS
CVE
CVE
added 2016/06/13 1:0 a.m.81 views

CVE-2016-2066

CVE-2016-2066 affects the MSM QDSP6 audio driver in the Linux kernel 3.x as used in Qualcomm QuIC Android contributions for MSM devices and related products. The issue is an integer signedness error in the msm-audio-effects-q6-v2.c path that handles ioctl commands, leading to memory corruption. P...

7.8CVSS7.3AI score0.01384EPSS
CVE
CVE
added 2016/07/11 1:0 a.m.77 views

CVE-2016-2068

The CVE-2016-2068 issue affects the MSM QDSP6 (sound) driver in the Linux kernel 3.x, used in Qualcomm QuIC Android contributions. The vulnerability arises in the driver when handling AUDIO_EFFECTS_WRITE (or AUDIO_EFFECTS_READ) operations, due to integer overflow and potential buffer overflow or ...

7.8CVSS7.6AI score0.00739EPSS
CVE
CVE
added 2016/08/30 5:0 p.m.77 views

CVE-2016-5342

The CVE-2016-5342 entry describes a heap-based buffer overflow in the wcnss_wlan_write function of the Linux kernel 3.x wcnss_wlan driver (drivers/net/wireless/wcnss/wcnss_wlan.c) used in Qualcomm QuIC MSM Android contributions. An attacker could trigger a denial of service or potentially other i...

7.8CVSS7.9AI score0.00511EPSS
CVE
CVE
added 2016/06/13 1:0 a.m.73 views

CVE-2016-2061

CVE-2016-2061 is described in connected EulerOS/Nessus content as an integer signedness error in the Linux kernel MSM V4L2 video driver (3.x), used in Qualcomm QuIC MSM contributions. It can allow privilege escalation or a denial-of-service via a crafted application that triggers msm_isp_axi_crea...

7.8CVSS7.4AI score0.01143EPSS
CVE
CVE
added 2016/05/05 9:0 p.m.71 views

CVE-2016-2059

The CVE-2016-2059 issue affects the Linux kernel IPC router module (msm_ipc_router_bind_control_port) in the IPC router core for kernel 3.x used in Qualcomm QuIC Android MSM devices. The vulnerability arises because the function does not verify that a port is a client port, enabling a local attac...

7CVSS7.4AI score0.00207EPSS
CVE
CVE
added 2016/08/07 9:0 p.m.69 views

CVE-2015-0568

The CVE-2015-0568 entry describes a use-after-free in the MSM-Camera driver (drivers/media/video/msm/msm_camera.c), in the msm_set_crop function, for the Linux kernel 3.x used with Qualcomm Innovation Center (QuIC) Android contributions. A crafted ioctl call from a local attacker can trigger memo...

7.8CVSS7.3AI score0.00902EPSS
CVE
CVE
added 2017/04/04 6:0 p.m.65 views

CVE-2016-5870

CVE-2016-5870 concerns the msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c within the ipc_router component of the Linux kernel (3.x), as used in Qualcomm QuIC Android contributions for MSM devices. The vulnerability allows a denial of service via a NULL pointer dereference or ...

7.8CVSS7.8AI score0.00393EPSS