Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

10 matches found

CVE•added 2017/07/11 11:29 p.m.•299 views

CVE-2017-11176

The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.

7.8CVSS7.8AI score0.14793EPSS

CVE•added 2017/07/24 7:29 a.m.•227 views

CVE-2017-11600

net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact...

7CVSS7.3AI score0.00045EPSS

CVE•added 2017/07/21 4:29 p.m.•222 views

CVE-2017-7542

The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.

5.5CVSS6AI score0.00033EPSS

CVE•added 2017/07/25 4:29 a.m.•212 views

CVE-2017-7541

The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.

7.8CVSS7.5AI score0.00067EPSS

CVE•added 2017/07/04 8:29 p.m.•209 views

CVE-2017-10810

Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.

7.8CVSS6.8AI score0.00833EPSS

CVE•added 2017/07/05 1:29 a.m.•182 views

CVE-2017-10911

The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structur...

6.5CVSS5.6AI score0.00065EPSS

CVE•added 2017/07/17 1:18 p.m.•178 views

CVE-2017-1000363

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partia...

7.8CVSS7.5AI score0.37176EPSS

CVE•added 2017/07/20 4:29 a.m.•142 views

CVE-2017-11473

Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.

7.8CVSS7.2AI score0.00092EPSS

CVE•added 2017/07/02 5:29 p.m.•138 views

CVE-2017-8797

The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used as ...

7.8CVSS7.1AI score0.31791EPSS

CVE•added 2017/07/20 4:29 a.m.•119 views

CVE-2017-11472

The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel thr...

7.1CVSS6.2AI score0.00055EPSS