Lucene search
K
LinuxLinux Kernel4.20.15

8 matches found

CVE
CVE
added 2016/05/09 10:0 a.m.166 views

CVE-2015-0571

CVE-2015-0571 is a local privilege-escalation in the WLAN driver for the Linux kernel as used in Qualcomm QuIC Android contributions (MSM devices and related products). The issue arises from the driver’s lack of authorization checks for private SET IOCTL calls, allowing a crafted application to g...

9.3CVSS7.2AI score0.01354EPSS
CVE
CVE
added 2016/05/09 10:0 a.m.165 views

CVE-2015-0569

CVE-2015-0569 is a heap-based buffer overflow in the WLAN private wireless extensions IOCTL path (wlan_hdd_wext.c) of the Linux kernel 3.x–4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices. The vulnerability allows a local attacker to escalate privileges via ...

9.3CVSS7.5AI score0.06468EPSS
CVE
CVE
added 2017/04/24 6:12 a.m.133 views

CVE-2010-5321

CVE-2010-5321 affects the Linux kernel videobuf subsystem (videobuf-core.c and related via videobuf-vmalloc.c) with a memory-leak vulnerability that can be exploited by local users via /dev/video mmap calls to trigger memory allocations and cause a denial of service. Public sources in the connect...

4.9CVSS5.1AI score0.00401EPSS
CVE
CVE
added 2016/05/09 10:0 a.m.123 views

CVE-2015-0570

CVE-2015-0570 is a stack-based buffer overflow in the SET_WPS_IE IOCTL in wlan_hdd_hostapd.c of the Linux kernel WLAN driver (3.x/4.x), as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and similar products. Exploitation requires a crafted application with a long ...

9.3CVSS7.5AI score0.01751EPSS
CVE
CVE
added 2017/03/03 11:0 a.m.108 views

CVE-2015-2877

CVE-2015-2877 affects Kernel Samepage Merging (KSM) in Linux kernels 2.6.32–4.x. The write-timing side channel allows a guest OS user to defeat ASLR on other guest instances via Cross-VM ASL Introspection (CAIN). The entry notes that disabling deduplication mitigates the attack vector. No explici...

3.3CVSS4AI score0.00942EPSS
CVE
CVE
added 2016/05/02 10:0 a.m.104 views

CVE-2016-2853

CVE-2016-2853 – Linux kernel aufs Privilege Escalation : The vulnerability arises in the aufs module (Linux kernel 3.x/4.x) where mount namespace restrictions are insufficient. A local attacker can mount an aufs filesystem atop a FUSE filesystem and, by executing a crafted setuid program, escalat...

7.8CVSS7.3AI score0.00905EPSS
CVE
CVE
added 2015/11/16 11:0 a.m.99 views

CVE-2015-7312

CVE-2015-7312 affects the Linux kernel 3.x/4.x via race conditions in the aufs aufs3-mmap.patch and aufs4-mmap.patch patches. The vulnerability allows local users to cause denial of service (use-after-free/BUG) or potentially gain privileges through madvise or msync calls, related to mm/madvise.c...

4.4CVSS5.8AI score0.00389EPSS
CVE
CVE
added 2016/05/02 10:0 a.m.98 views

CVE-2016-2854

CVE-2016-2854 concerns the AUFS module in the Linux kernel (versions 3.x/4.x), which does not properly maintain POSIX ACL xattr data. This can allow a local attacker to gain privileges by exploiting a group-writable setgid directory. The connected documents confirm the vulnerability and its local...

7.8CVSS7.3AI score0.0095EPSS