Lucene search
K

129 matches found

CVE
CVE
added 2014/06/07 2:0 p.m.1168 views

CVE-2014-3153

The CVE-2014-3153 issue affects the Linux kernel futex_requeue path (kernel/futex.c) through version 3.14.5. A local unprivileged user can exploit FUTEX_REQUEUE with two identical futex addresses to gain privileges or modify waiter state, causing potential privilege escalation and memory impact. ...

7.8CVSS6.5AI score0.37233EPSS
In wild
CVE
CVE
added 2014/05/07 10:0 a.m.603 views

CVE-2014-0196

CVE-2014-0196 affects the Linux kernel (through 3.14.3) specifically the n_tty_write function in drivers/tty/n_tty.c. The flaw permits a local user to trigger a race condition between read and write operations with long strings in the LECHO & !OPOST case, enabling denial of service (memory corrup...

6.9CVSS6.3AI score0.22475EPSS
In wild
CVE
CVE
added 2014/03/11 1:0 a.m.338 views

CVE-2014-0101

The CVE-2014-0101 issue affects the Linux kernel up to version 3.13.6, where the function sctp_sf_do_5_1D_ce in net/sctp/sm_statefuns.c does not validate certain auth_enable/auth_capable fields before sctp_sf_authenticate. This can enable a remote attacker to cause a denial of service by sending ...

7.8CVSS5.9AI score0.07045EPSS
CVE
CVE
added 2014/03/24 10:0 a.m.323 views

CVE-2014-2523

CVE-2014-2523 applies to the Linux kernel code path net/netfilter/nf_conntrack_proto_dccp.c up to version 3.13.6. The vulnerability arises from incorrect handling of a DCCP header pointer, which could allow remote attackers to cause a system crash ( denial of service ) or potentially execute arbi...

10CVSS7.2AI score0.10385EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.240 views

CVE-2014-8559

CVE-2014-8559 is tied to the Linux kernel up to version 3.17.2, where the d_walk function in fs/dcache.c fails to properly preserve the semantics of rename_lock. This can allow a local attacker to cause a denial of service via a deadlock and system hang. The connected advisories state that the is...

5.5CVSS5.2AI score0.00738EPSS
CVE
CVE
added 2014/09/28 10:0 a.m.218 views

CVE-2012-6657

CVE-2012-6657 affects the Linux kernel up to version 3.5.7. The vulnerability lies in sock_setsockopt in net/core/sock.c, where a keepalive action may not be properly associated with a stream socket, enabling a local attacker to cause a denial of service (system crash) by leveraging the ability t...

4.9CVSS6.6AI score0.0053EPSS
CVE
CVE
added 2014/04/27 12:0 a.m.211 views

CVE-2014-0181

The CVE-2014-0181 issue affects the Linux kernel Netlink implementation prior to 3.14.1, where there is no authorization based on the opener of a Netlink socket. This can allow a local user to bypass intended access restrictions and modify network configurations by using a Netlink socket for the ...

2.1CVSS6AI score0.00538EPSS
CVE
CVE
added 2014/09/28 10:0 a.m.208 views

CVE-2014-6410

The vulnerability CVE-2014-6410 affects the Linux kernel (through 3.16.3) in the UDF filesystem: the __udf_read_inode function does not restrict ICB indirection, enabling a local, physically proximate attacker to cause a denial of service (infinite loop or stack consumption) via a crafted inode. ...

4.7CVSS5.8AI score0.0051EPSS
CVE
CVE
added 2014/12/12 6:0 p.m.200 views

CVE-2014-8134

CVE-2014-8134 affects the Linux kernel’s KVM paravirt code path (arch/x86/kernel/kvm.c, paravirt_ops_setup) through version 3.18. The root cause is an improper paravirt_enabled setting for KVM guest kernels, which could allow a guest user to bypass ASLR via a crafted application that reads a 16‑b...

3.3CVSS5.4AI score0.00703EPSS
CVE
CVE
added 2014/07/19 7:0 p.m.193 views

CVE-2014-4943

CVE-2014-4943 affects the Linux kernel up to 3.15.6, specifically the PPPoL2TP feature in net/l2tp/l2tp_ppp.c. The vulnerability arises from data-structure differences between an l2tp socket and an inet socket, enabling local privilege escalation. Public details in connected sources include PoC/e...

6.9CVSS6.3AI score0.02103EPSS
CVE
CVE
added 2014/02/06 10:0 p.m.181 views

CVE-2014-0038

The CVE-2014-0038 issue affects the Linux kernel before 3.13.2 when CONFIG_X86_X32 is enabled: the compat_sys_recvmmsg function in net/compat.c can be exploited via recvmmsg with a crafted timeout pointer to gain local privileges. Public references document a local privilege escalation (exploitab...

6.9CVSS5.6AI score0.34649EPSS
CVE
CVE
added 2014/10/13 10:0 a.m.178 views

CVE-2014-7970

CVE-2014-7970 is described in connected Lenovo advisories as a Linux kernel vulnerability where pivot_root() could be misused to trigger a local denial of service (mount-tree loop) via dot-path arguments. Lenovo’s advisory for PowerKVM lists affected product: PowerKVM v3.1, and states the issue i...

5.5CVSS5.9AI score0.00673EPSS
CVE
CVE
added 2014/12/17 11:0 a.m.177 views

CVE-2014-9322

CVE-2014-9322 affects the Linux kernel pre-3.17.5 where arch/x86/kernel/entry_64.S mishandles faults on the Stack Segment (SS) during IRET, allowing a local user to escalate privileges by accessing a GS Base address from the wrong space. Public PoC/exploitation (BadIRET) exists, illustrating loca...

7.8CVSS7.4AI score0.01504EPSS
CVE
CVE
added 2014/12/17 11:0 a.m.176 views

CVE-2014-8133

CVE-2014-8133 affects the Linux kernel TLS implementation (arch/x86/kernel/tls.c) up to version 3.18.1. A local attacker can exploit a crafted application that uses set_thread_area and subsequently reads a 16‑bit value to bypass the espfix protection and, in turn, bypass ASLR. The description con...

2.1CVSS4.8AI score0.00583EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.174 views

CVE-2014-3645

CVE-2014-3645 affects the Linux kernel KVM implementation in arch/x86/kvm/vmx.c, with versions before 3.12. The root cause is that the code path handling the INVEPT instruction lacks an exit handler, which can allow a guest OS user to trigger a denial of service by crashing the guest via a crafte...

2.1CVSS4.9AI score0.00409EPSS
CVE
CVE
added 2014/12/26 12:0 a.m.171 views

CVE-2014-9419

CVE-2014-9419 affects the Linux kernel (arch/x86/kernel/process_64.c) up to version 3.18.1. The issue fails to ensure TLS descriptors are loaded before proceeding with other steps, enabling a local attacker to bypass ASLR by crafting an application that reads a TLS base address. Connected advisor...

2.1CVSS4.7AI score0.00436EPSS
CVE
CVE
added 2014/05/11 9:0 p.m.170 views

CVE-2014-3122

CVE-2014-3122 affects the Linux kernel local memory-management path. The advisory centers on the try_to_unmap_cluster function in mm/rmap.c, where the code path did not consistently lock pages, enabling a local user to trigger a memory-usage pattern that can force removal of page-table mappings a...

4.9CVSS5.8AI score0.00545EPSS
CVE
CVE
added 2014/06/05 5:0 p.m.168 views

CVE-2014-3917

CVE-2014-3917 affects the Linux kernel up to 3.14.5, specifically kernel/auditsc.c when CONFIG_AUDITSYSCALL is enabled with certain syscall rules. Local users can obtain sensitive single-bit values from kernel memory or trigger a denial of service (OOPS) by using a large syscall number. Exploitat...

3.3CVSS5.9AI score0.0036EPSS
CVE
CVE
added 2014/11/30 1:0 a.m.165 views

CVE-2014-7841

CVE-2014-7841 affects the Linux kernel SCTP implementation (net/sctp/sm_make_chunk.c) with ASCONF enabled. A malformed INIT chunk can trigger a NULL pointer dereference, causing a system crash (DoS). Affected: kernel versions before 3.17.4; fix: upgrade to 3.17.4 or later (kernel changelog confir...

5CVSS6AI score0.0523EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.158 views

CVE-2014-3610

CVE-2014-3610 is a Linux kernel KVM WRMSR emulation flaw present up to and including 3.17.2. The issue arises when guest writes a non-canonical value to a model-specific register, causing the host to crash (DoS). It is tied to wrmsr_interception (arch/x86/kvm/svm.c) and handle_wrmsr (arch/x86/kvm...

5.5CVSS5.9AI score0.00595EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.156 views

CVE-2014-3673

The vulnerability CVE-2014-3673 affects the SCTP implementation in the Linux kernel up to version 3.17.2. A malformed ASCONF chunk can be sent by a remote attacker to trigger a denial of service (system crash). Affected components are net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c. Remediat...

7.8CVSS7.1AI score0.07461EPSS
CVE
CVE
added 2014/11/30 1:0 a.m.155 views

CVE-2014-7842

The CVE-2014-7842 issue affects the Linux kernel’s arch/x86/kvm/x86.c; a race condition prior to 3.17.4 can allow a guest OS user to trigger an MMIO/PIO‑driven emulation error report, causing a guest crash (denial of service). Public notes in Nessus advisories reference CVE-2010-5313 as related. ...

4.9CVSS5.7AI score0.00374EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.154 views

CVE-2014-3690

CVE-2014-3690 affects arch/x86/kvm/vmx.c in the Linux kernel’s KVM subsystem on Intel, where the CR4 control register value may not be preserved across VM entries. The vendor-provided details in connected Nessus advisories describe a local attacker with access to /dev/kvm who can kill arbitrary p...

5.5CVSS6AI score0.00515EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.151 views

CVE-2014-4608

CVE-2014-4608 refers to multiple integer overflows in the LZO decompressor (lzo1x_decompress_safe) in the Linux kernel before 3.15.2, which can cause memory corruption and denial of service via a crafted Literal Run. Some advisories note the Linux kernel is not affected (media hype), while securi...

7.5CVSS5.7AI score0.05421EPSS
In wild
CVE
CVE
added 2014/05/11 9:0 p.m.150 views

CVE-2014-1737

CVE-2014-1737 affects the Linux kernel (through 3.14.3) and its floppy driver (drivers/block/floppy.c). The flaw is in raw_cmd_copyin not handling error conditions during processing of an FDRAWCMD ioctl, enabling local users with write access to /dev/fd to trigger kfree and potentially gain privi...

7.2CVSS6.2AI score0.00489EPSS
CVE
CVE
added 2014/04/14 11:0 p.m.149 views

CVE-2014-0077

CVE-2014-0077 concerns the Linux kernel component drivers/vhost/net.c . When mergeable buffers are disabled, the code path does not properly validate packet lengths, enabling a guest OS user to trigger a memory corruption that could cause a host crash or, per wording, potentially gain privileges ...

5.5CVSS6.6AI score0.00816EPSS
CVE
CVE
added 2014/08/01 10:0 a.m.149 views

CVE-2014-5077

CVE-2014-5077 affects the Linux kernel’s SCTP code: the function sctp_assoc_update in net/sctp/associola.c (affected in kernel builds up to 3.15.8) can be triggered when SCTP authentication is enabled. An attacker can cause a denial of service via a NULL pointer dereference and kernel OOPS by ini...

7.1CVSS6.2AI score0.05794EPSS
CVE
CVE
added 2014/02/28 2:0 a.m.148 views

CVE-2014-1874

The CVE-2014-1874 entry is about the Linux kernel vulnerability in security/selinux/ss/services.c: the security_context_to_sid_core function before 3.13.4 allows local users with CAP_MAC_ADMIN to set a zero-length security context, causing a denial of service (system crash). Affected product: Lin...

4.9CVSS5.9AI score0.006EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.148 views

CVE-2014-3687

The provided materials confirm CVE-2014-3687 affects the Linux kernel SCTP implementation (net/sctp/associola.c) up to version 3.17.2. The vulnerability allows remote attackers to cause a denial of service (panic) by sending duplicate ASCONF chunks, triggering an incorrect uncork within the side-...

7.8CVSS7.1AI score0.08579EPSS
CVE
CVE
added 2014/10/13 10:0 a.m.147 views

CVE-2014-7975

CVE-2014-7975 : The Linux kernel up to 3.17 allows a local user to trigger DoS by remounting root read-only without CAP_SYS_ADMIN. This occurs in do_remount_sb invoked via unshare/mount flows, clearing MNT_LOCKED and issuing MNT_FORCE unmount. Connected Nessus advisories for Unity Linux reference...

5.5CVSS5.2AI score0.00461EPSS
CVE
CVE
added 2014/05/11 9:0 p.m.146 views

CVE-2014-3144

CVE-2014-3144 affects the Linux kernel up to 3.14.3. The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST implementations in the sk_run_filter function (net/core/filter.c) do not properly verify a length value, enabling a local attacker to trigger a denial of service via crafted BPF instruction...

4.9CVSS6.1AI score0.00602EPSS
CVE
CVE
added 2014/04/14 11:0 p.m.143 views

CVE-2014-2851

CVE-2014-2851: Integer overflow in ping_init_sock (net/ipv4/ping.c) of the Linux kernel up to 3.14.1 allows local users to cause a denial of service (use‑after‑free and system crash) and potentially gain privileges via a crafted application that exploits an improperly managed reference counter. C...

6.9CVSS6.5AI score0.00959EPSS
CVE
CVE
added 2014/09/01 1:0 a.m.143 views

CVE-2014-5471

CVE-2014-5471 affects the Linux kernel up to 3.16.1, specifically the parse_rock_ridge_inode_internal function in fs/isofs/rock.c. A crafted iso9660 image with a CL entry referencing a directory entry that has a CL entry can cause uncontrolled recursion, leading to a local denial of service, syst...

4CVSS5.6AI score0.00505EPSS
CVE
CVE
added 2014/01/06 11:0 a.m.141 views

CVE-2013-7263

The CVE-2013-7263 issue affects the Linux kernel before 3.12.4, where certain length values are updated before kernel data structures are initialized, enabling local attackers to read sensitive information from kernel stack memory via recvfrom, recvmmsg, or recvmsg. Connected Nessus entries (Unit...

4.9CVSS6.8AI score0.0048EPSS
CVE
CVE
added 2014/03/11 1:0 a.m.140 views

CVE-2014-2309

CVE-2014-2309 affects the Linux kernel (net/ipv6/route.c, function ip6_route_add) up to version 3.13.6. It causes memory exhaustion via a flood of ICMPv6 Router Advertisement packets, enabling a remote attacker to trigger DoS. The connected Nessus/OpenVAS advisories reference Unity Linux security...

6.1CVSS6AI score0.02426EPSS
CVE
CVE
added 2014/03/24 10:0 a.m.139 views

CVE-2014-0131

CVE-2014-0131 affects the Linux kernel up to version 3.13.6. The vulnerability is a use-after-free in the skb_segment function within net/core/skbuff.c caused by the absence of a certain orphaning operation. Exploitation details are not provided in the supplied documents. The impact is that an at...

2.9CVSS5.8AI score0.00675EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.139 views

CVE-2014-4653

Summary (CVE-2014-4653) : The ALSA control implementation in the Linux kernel has a race/lock handling issue in sound/core/control.c. It does not ensure possession of a read/write lock, enabling a local attacker to trigger a denial of service (use-after-free) and to potentially read kernel memory...

4.6CVSS5.1AI score0.00498EPSS
CVE
CVE
added 2014/06/23 10:0 a.m.138 views

CVE-2014-4508

CVE-2014-4508 affects the Linux kernel on 32-bit x86 (arch/x86/kernel/entry_32.S) up to version 3.15.1. When syscall auditing is enabled and the sep CPU feature flag is set, a local user can trigger a denial-of-service (OOPS and crash) by using an invalid syscall number (demonstrated with number ...

4.7CVSS5.9AI score0.00413EPSS
CVE
CVE
added 2014/02/28 2:0 a.m.137 views

CVE-2014-0069

The CVE-2014-0069 entry affects the Linux kernel (fs/cifs/file.c: cifs_iovec_write) up to version 3.13.5. The vulnerability stems from improper handling of uncached write operations that copy fewer bytes than requested, enabling local users to read kernel memory (information disclosure), cause me...

7.2CVSS6.5AI score0.00414EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.137 views

CVE-2014-3647

CVE-2014-3647 affects the Linux kernel KVM emulation path: arch/x86/kvm/emulate.c. The root cause is improper handling of RIP changes during instruction emulation, enabling a local guest OS user to crash the guest (DoS) with a crafted application in kernels up to 3.17.2. The provided connected do...

5.5CVSS5.5AI score0.00588EPSS
CVE
CVE
added 2014/04/01 1:0 a.m.135 views

CVE-2014-2678

CVE-2014-2678 affects the Linux kernel (net/rds/iw.c). The rds_iw_laddr_check function can be triggered by a bind() on an RDS socket on systems lacking RDS transports, enabling local attackers to cause a NULL pointer dereference and a system crash (DoS). This is described as affecting kernels up ...

4.7CVSS6.7AI score0.00403EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.135 views

CVE-2014-3611

CVE-2014-3611 corresponds to a race condition in the Linux kernel’s KVM PIT emulation: the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c, with affected versions up to and including 3.17.2. The vulnerability allows a guest OS user to trigger a host OS crash via incorrect PIT emulation. ...

4.7CVSS5.7AI score0.00294EPSS
CVE
CVE
added 2014/07/09 10:0 a.m.135 views

CVE-2014-4699

CVE-2014-4699 affects the Linux kernel prior to 3.15.4 on Intel CPUs: a non-canonical saved RIP value in system calls that do not use IRET can be exploited via ptrace and fork to escalate privileges or trigger a denial of service (double fault). Multiple connected advisories (e.g., MiracleLinux A...

6.9CVSS6.1AI score0.02324EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.134 views

CVE-2014-3646

CVE-2014-3646 affects the Linux kernel’s KVM implementation: arch/x86/kvm/vmx.c lacks an exit handler for the INVVPID instruction, enabling a local guest-user to crash the guest OS (DoS) via a crafted application. Public remote advisories in connected Nessus plugins confirm the issue exists in ke...

5.5CVSS5.9AI score0.00428EPSS
CVE
CVE
added 2014/07/03 1:0 a.m.134 views

CVE-2014-4656

CVE-2014-4656 affects the Linux kernel ALSA sound control (sound/core/control.c). The vulnerability arises from multiple integer overflows in ALSA control handling, exploitable by local users via /dev/snd/controlCX to cause a denial of service. The issue is tied to (1) index values in snd_ctl_add...

4.6CVSS5.6AI score0.005EPSS
CVE
CVE
added 2014/09/28 10:0 a.m.134 views

CVE-2014-7145

CVE-2014-7145 affects the Linux kernel SMB2_tcon() in fs/cifs/smb2pdu.c, where remote CIFS servers can trigger a NULL pointer dereference by deleting the IPC$ share during DFS referrals, potentially causing a denial of service. The issue is fixed in kernel 3.16.3 (per ChangeLog-3.16.3). Connected...

7.8CVSS6.4AI score0.03725EPSS
CVE
CVE
added 2014/12/26 12:0 a.m.134 views

CVE-2014-9420

CVE-2014-9420 affects the Linux kernel iso9660 isofs rock.c: rock_continue does not bound the number of Rock Ridge continuation entries, allowing a local attacker crafting an ISO image to trigger an infinite loop and cause DoS (system hang/crash) on kernels up to 3.18.1. Public advisories from Ce...

4.9CVSS4.7AI score0.00455EPSS
CVE
CVE
added 2014/05/11 9:0 p.m.133 views

CVE-2014-1738

CVE-2014-1738 is a Linux kernel vulnerability in the floppy driver (raw_cmd_copyout) where processing FDRAWCMD IOCTL calls could allow local attackers with write access to /dev/fd to read kernel heap memory. The flaw is described as an improper restriction of pointers during FDRAWCMD processing, ...

2.1CVSS5.9AI score0.00524EPSS
CVE
CVE
added 2014/11/30 1:0 a.m.132 views

CVE-2014-3688

CVE-2014-3688 affects the Linux kernel SCTP implementation prior to 3.17.4. The vulnerability allows a remote attacker to cause a denial of service via memory consumption by triggering a large number of chunks in an association’s output queue (ASCONF probes), related to net/sctp/inqueue.c and net...

5CVSS7.1AI score0.0585EPSS
CVE
CVE
added 2014/11/30 1:0 a.m.131 views

CVE-2010-5313

CVE-2010-5313 is demonstrated in the Linux kernel’s arch/x86/kvm/x86.c, where a race condition allows L2 guest OS users to trigger an L2 emulation failure report and cause a denial of service on the L1 guest (as described in the CVE entry). The affected lineage is the Linux kernel before 2.6.38. ...

4.9CVSS5.6AI score0.00325EPSS
Total number of security vulnerabilities129