Lucene search
K

80 matches found

CVE
CVE
added 2015/03/16 10:0 a.m.664 views

CVE-2015-1593

CVE-2015-1593 affects the Linux kernel: on 64-bit platforms, the stack randomization (ASLR) feature uses incorrect data types for bitwise left-shift results, making it easier to predict the stack top address and bypass ASLR. The issue is tied to functions such as randomize_stack_top in fs/binfmt_...

5CVSS4.9AI score0.03742EPSS
CVE
CVE
added 2015/03/16 10:0 a.m.403 views

CVE-2015-1421

CVE-2015-1421 is a use-after-free in the Linux kernel SCTP path (sctp_assoc_update in net/sctp/associola.c) that allows a remote attacker to trigger an INIT collision, leading to slab corruption and a kernel panic (DoS) with potentially other impact. Affected condition: kernel versions prior to 3...

10CVSS5.9AI score0.09828EPSS
CVE
CVE
added 2015/08/08 10:0 a.m.302 views

CVE-2015-1805

CVE-2015-1805 covers a local elevation/DoS flaw in the Linux kernel where the pipe_read/pipe_write paths in fs/pipe.c mishandle side effects from failed __copy_to_user_inatomic and __copy_from_user_inatomic calls. The issue permits a local user to crash the system or potentially gain privileges v...

7.2CVSS6.1AI score0.01407EPSS
CVE
CVE
added 2015/12/28 11:0 a.m.301 views

CVE-2015-8660

CVE-2015-8660 targets the ovl_setattr path in Linux overlayfs (fs/overlayfs/inode.c) up to kernel 4.3.3. The issue arises from attempting to merge distinct setattr operations, allowing local users to bypass access restrictions and modify attributes of arbitrary overlay files via a crafted applica...

7.2CVSS5.4AI score0.22374EPSS
CVE
CVE
added 2015/11/16 11:0 a.m.264 views

CVE-2015-7872

CVE-2015-7872 affects the Linux kernel (security/keys/gc.c: key_gc_unused_keys) up to version 4.2.6. A local attacker can trigger a DoS (OOPS) using crafted keyctl commands. Connected documents reference upstream kernel commits (f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61 and ce1fad2740c648a4340f6f6...

2.1CVSS4.5AI score0.00508EPSS
CVE
CVE
added 2015/11/16 12:0 a.m.260 views

CVE-2015-8104

CVE-2015-8104 affects the KVM/Hypervisor stack in Linux kernel up to 4.2.6 and Xen up to 4.6.x. The issue arises from handling of Debug (DB) exceptions in svm.c, allowing a guest OS user to trigger many DBs to cause a host denial-of-service (panic/hang). Connected CNA/records also show a link to ...

10CVSS5.3AI score0.02501EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.232 views

CVE-2015-5157

CVE-2015-5157 affects the Linux kernel prior to 4.1.6 on x86_64. The issue is in arch/x86/entry/entry_64.S where IRET faults during NMIs that occur in userspace are mishandled, potentially allowing a local user to gain privileges. The vulnerability is described in several connected advisories as ...

7.2CVSS5.7AI score0.00624EPSS
CVE
CVE
added 2015/08/06 1:0 a.m.204 views

CVE-2015-3636

CVE-2015-3636 affects the Linux kernel up to 4.0.2, in the ping_unhash path of net/ipv4/ping.c. The issue arises because a certain list data structure is not initialized during an unhash operation, enabling a local user with ping socket access to crash the system or potentially gain privileges by...

4.9CVSS5.6AI score0.02472EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.198 views

CVE-2015-5364

The CVE-2015-5364 issue affects the Linux kernel prior to 4.0.6, where udp_recvmsg/udpv6_recvmsg fail to handle processor yielding correctly, enabling remote attackers to trigger a denial of service (system hang) via UDP packet flood with incorrect checksums. Related CVE-2015-5366 also concerns U...

7.8CVSS5.7AI score0.06267EPSS
CVE
CVE
added 2015/03/12 2:0 p.m.195 views

CVE-2015-2150

CVE-2015-2150 affects Xen 3.3.x–4.5.x and the Linux kernel up to 3.19.1, where access to PCI command registers is not properly restricted. This can allow a local guest OS user to cause a denial of service (unexpected NMI, host crash) by disabling memory or I/O decoding for a PCI Express device an...

4.9CVSS5.1AI score0.00534EPSS
CVE
CVE
added 2015/12/28 11:0 a.m.194 views

CVE-2015-8543

CVE-2015-8543 affects the Linux kernel networking stack (up to version 4.3.3 as used in Android and others). The issue: the networking implementation does not validate protocol identifiers for certain protocol families, enabling local users to cause a NULL pointer dereference and system crash, wi...

7CVSS7AI score0.0123EPSS
CVE
CVE
added 2015/11/16 9:0 p.m.193 views

CVE-2015-8215

CVE-2015-8215 concerns the Linux kernel IPv6 stack (net/ipv6/addrconf.c) where MTU validation is missing. This affects kernel versions before 4.0 and can enable a context-dependent attacker to trigger packet loss through Router Advertisement processing, as the MTU value may be invalid (either bel...

5CVSS5.9AI score0.03693EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.185 views

CVE-2015-3214

CVE-2015-3214 affects QEMU prior to 2.3.1 (pit_ioport_read in i8254.c) and Linux kernel prior to 2.6.33. The flaw does not distinguish between read and write lengths, potentially allowing a privileged guest user (with PIT emulation enabled) to trigger an invalid index and cause arbitrary host cod...

6.9CVSS6.1AI score0.01594EPSS
CVE
CVE
added 2015/11/16 11:0 a.m.182 views

CVE-2015-5307

CVE-2015-5307 affects the Linux kernel KVM subsystem (through 4.2.6) and Xen (4.3.x–4.6.x). An attacker who has local access in a guest can trigger many #AC exceptions (Alignment Check), potentially causing a host panic/hang. Root cause involves svm.c/vmx.c handling of alignment-related events. P...

4.9CVSS6.1AI score0.00566EPSS
CVE
CVE
added 2015/01/09 9:0 p.m.177 views

CVE-2014-9584

CVE-2014-9584 affects the Linux kernel where the function parse_rock_ridge_inode_internal in fs/isofs/rock.c does not validate a length value in the ER System Use Field, enabling local users to obtain sensitive kernel memory via a crafted iso9660 image. This vulnerability exists in kernels before...

2.1CVSS4.5AI score0.00465EPSS
CVE
CVE
added 2015/05/27 10:0 a.m.177 views

CVE-2015-3331

CVE-2015-3331 affects the Linux kernel up to 3.19.2, where __driver_rfc4106_decrypt in arch/x86/crypto/aesni-intel_glue.c mishandles memory locations for encrypted data, enabling a context-dependent attacker to trigger a buffer overflow via a crypto API call (e.g., with a libkcapi test program us...

9.3CVSS6.6AI score0.10108EPSS
CVE
CVE
added 2015/10/19 10:0 a.m.177 views

CVE-2015-5156

CVE-2015-5156 affects the Linux kernel’s virtio-net implementation. The vulnerability arises in virtnet_probe (drivers/net/virtio_net.c) where a FRAGLIST feature is supported without proper memory allocation, enabling a remote attacker on the local network to trigger a buffer overflow/memory corr...

6.1CVSS5.5AI score0.01164EPSS
CVE
CVE
added 2015/05/27 10:0 a.m.173 views

CVE-2015-2922

CVE-2015-2922 is a Linux kernel IPv6 Neighbor Discovery flaw in the ndisc_router_discovery path that lets a crafted Router Advertisement with a small hop_limit reconfigure the hop-limit on the receiving interface. It affects the IPv6 stack prior to kernel 3.19.6; the impact is loss of connectivit...

3.3CVSS5AI score0.03052EPSS
CVE
CVE
added 2015/03/16 10:0 a.m.170 views

CVE-2014-8159

CVE-2014-8159 describes a flaw in the Linux kernel InfiniBand/RDMA subsystem where the uverbs interface used to register memory regions can be abused by a local user to access arbitrary physical memory, potentially crash the system or escalate privileges via /dev/infiniband/uverbsX. The initial e...

6.9CVSS6AI score0.00441EPSS
CVE
CVE
added 2015/11/16 11:0 a.m.170 views

CVE-2015-2925

The vulnerability CVE-2015-2925 affects the Linux kernel prior to 4.2.4, specifically the prepend_path function in fs/dcache.c. It allows a local attacker to bypass container protections by renaming a directory inside a bind mount, enabling a double-chroot-style escape. The impact is enabling pri...

6.9CVSS5.8AI score0.01246EPSS
CVE
CVE
added 2015/01/09 9:0 p.m.168 views

CVE-2014-9585

CVE-2014-9585 affects Linux kernels up to 3.18.2. The vdso_addr code in arch/x86/vdso/vma.c can misselect vDSO memory, enabling local users to bypass ASLR by guessing a PMD-end location. Exploitation details and patches/fixes are not provided in the connected documents; monitor advisories for rem...

2.1CVSS4.9AI score0.00557EPSS
CVE
CVE
added 2015/05/27 10:0 a.m.165 views

CVE-2015-3339

CVE-2015-3339 affects the Linux kernel (before 3.19.6) and stems from a race condition between chown and execve when changing the owner of a setuid binary to root. An unprivileged local user could exploit the window where ownership is updated but the setuid bit is not yet stripped to gain root pr...

6.2CVSS5.2AI score0.00317EPSS
CVE
CVE
added 2015/01/09 9:0 p.m.164 views

CVE-2014-9529

CVE-2014-9529: A race condition in Linux kernel key garbage collection (key_gc_unused_keys in security/keys/gc.c) up to 3.18.2 can enable local users to cause DoS or memory corruption during key garbage collection via keyctl. Connected advisory confirms kernel upstream fix and lists commit a3a878...

6.9CVSS6.2AI score0.00339EPSS
CVE
CVE
added 2015/03/16 10:0 a.m.160 views

CVE-2014-7822

CVE-2014-7822 concerns the Linux kernel splice_write path, where the splice() system call does not validate the maximum size of a single file. This enables a local unprivileged user to trigger a denial of service (system crash) and potentially other effects, notably when using an ext4 filesystem....

7.2CVSS5.6AI score0.01176EPSS
CVE
CVE
added 2015/05/27 10:0 a.m.158 views

CVE-2015-2830

CVE-2015-2830 affects the Linux kernel (arch/x86/kernel/entry_64.S) prior to 3.19.2. The TS_COMPAT flag can reach a user-mode task, potentially allowing local attackers to bypass seccomp or audit protections via crafted applications using fork or close. A fix is available in 3.19.2 and later; att...

1.9CVSS4.8AI score0.00414EPSS
CVE
CVE
added 2015/10/19 10:0 a.m.157 views

CVE-2015-7799

The CVE-2015-7799 issue affects the Linux kernel, specifically slhc_init in drivers/net/slip/slhc.c, up to version 4.2.3. The vulnerability arises because the function does not validate certain slot numbers, allowing a local user to trigger a denial of service via a crafted PPPIOCSMAXCID ioctl ca...

4.9CVSS4.3AI score0.00646EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.155 views

CVE-2015-5366

The referenced sources confirm two Linux kernel UDP-handling flaws fixed in version 4.0.6: CVE-2015-5364 and CVE-2015-5366. Affected component: UDP and UDPv6 receive paths (udp_recvmsg and udpv6_recvmsg) in the Linux kernel prior to 4.0.6. Root cause: improper handling of UDP checksums, allowing ...

5CVSS5.7AI score0.06245EPSS
CVE
CVE
added 2015/10/19 10:0 a.m.155 views

CVE-2015-7613

CVE-2015-7613 is a Linux kernel race condition in the IPC object implementation (up to version 4.2.3) that can allow a local unprivileged user to escalate privileges by triggering ipc_addid, which uses uid/gid values from uninitialized data (topics include msg.c, shm.c, util.c). Connected sources...

6.9CVSS6.1AI score0.00412EPSS
CVE
CVE
added 2015/03/02 11:0 a.m.153 views

CVE-2014-8160

CVE-2014-8160 : In the Linux kernel, net/netfilter/nf_conntrack_proto_generic.c before 3.18 generates incorrect conntrack entries when handling certain iptables rule sets for SCTP, DCCP, GRE, and UDP-Lite. This can allow remote attackers to bypass intended access restrictions by sending packets w...

5CVSS5.7AI score0.05489EPSS
CVE
CVE
added 2015/05/27 10:0 a.m.152 views

CVE-2015-2666

CVE-2015-2666 : The Linux kernel contains a stack-based buffer overflow in get_matching_model_microcode (arch/x86/kernel/cpu/microcode/intel_early.c) that can be exploited by a context-dependent local attacker with root privileges to write to the initrd. The description in connected advisories co...

6.9CVSS5.6AI score0.0042EPSS
CVE
CVE
added 2015/10/19 10:0 a.m.152 views

CVE-2015-6937

The CVE-2015-6937 issue is in the Linux kernel (net/rds/connection.c: __rds_conn_create) and allows a local user to trigger a NULL pointer dereference and DoS by using an unbound socket. CVE-2015-7990 is a related race condition in net/rds/sendmsg.c (rds_sendmsg) that can cause DoS; both rely on ...

4.9CVSS6.4AI score0.0052EPSS
CVE
CVE
added 2015/12/28 11:0 a.m.151 views

CVE-2013-7446

CVE-2013-7446 is a use-after-free vulnerability in the Linux kernel (net/unix/af_unix.c) up to version 4.3.2, fixed in 4.3.3. It allows local attackers to bypass AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. Affected: Linux kernel before 4.3.3 (inclu...

5.4CVSS5.9AI score0.00625EPSS
CVE
CVE
added 2015/12/28 11:0 a.m.151 views

CVE-2015-8374

CVE-2015-8374 affects the Linux kernel prior to 4.3.3. The vulnerability is due to the filesystem driver fs/btrfs/inode.c mishandling compressed inline extents, allowing local users to obtain sensitive pre-truncation data from a file via a clone operation. Affected: Linux kernel up to 4.3.2 (4.3....

4CVSS4.7AI score0.00505EPSS
CVE
CVE
added 2015/10/16 1:0 a.m.149 views

CVE-2013-7445

CVE-2013-7445 : In the Linux kernel DRM subsystem, the Graphics Execution Manager (GEM) object handling (through GEM requests) is mishandled, allowing a context-aware attacker to cause a denial of service via memory exhaustion. The exploitation described uses JavaScript creating many CANVAS eleme...

7.8CVSS7.7AI score0.02728EPSS
CVE
CVE
added 2015/05/27 10:0 a.m.144 views

CVE-2014-9715

CVE-2014-9715 affects the Linux kernel prior to 3.14.5, where nf_conntrack_extend.h in the netfilter subsystem uses an insufficiently large data type for certain extension data. This can allow a local attacker to trigger a NULL pointer dereference and OOPS (DoS) by outbound traffic that loads ext...

4.9CVSS6.8AI score0.00396EPSS
CVE
CVE
added 2015/10/19 10:0 a.m.144 views

CVE-2015-5283

CVE-2015-5283 affects the Linux kernel prior to 4.2.3. The sctp_init function in net/sctp/protocol.c uses an incorrect sequence of protocol-initialization steps, allowing a local attacker to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all steps complete....

4.7CVSS5AI score0.00549EPSS
CVE
CVE
added 2015/03/02 11:0 a.m.143 views

CVE-2015-0239

CVE-2015-0239 affects the Linux kernel KVM emulation path (arch/x86/kvm/emulate.c). If a guest OS does not initialize SYSENTER MSRs, em_sysenter can trigger using a 16‑bit code segment to emulate SYSENTER, allowing a guest OS user to gain guest privileges or cause a guest crash. The vulnerability...

4.4CVSS5.7AI score0.00643EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.142 views

CVE-2015-4700

The CVE-2015-4700 issue affects the Linux kernel (arch/x86/net/bpf_jit_comp.c) up to version 4.0.5. The bpf_int_jit_compile function can be triggered by crafted BPF instructions to cause a denial-of-service (system crash) via late convergence in the JIT compiler. Affected component is the JIT-com...

4.9CVSS5.1AI score0.00451EPSS
CVE
CVE
added 2015/10/19 10:0 a.m.140 views

CVE-2015-0275

CVE-2015-0275 affects the Linux kernel ext4 subsystem: the ext4_zero_range function in fs/ext4/extents.c allows local users to trigger a denial of service via a crafted fallocate zero-range request. The linked MiracleLinux/Unity Linux Nessus entries reproduce this: the vulnerability is described ...

4.9CVSS4.8AI score0.00457EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.140 views

CVE-2015-3212

CVE-2015-3212: Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and panic) via a rapid series of socket-related system calls (notably setsockopt). Affected component is the SCTP implementation in the kernel; impa...

4.9CVSS5.6AI score0.00343EPSS
CVE
CVE
added 2015/12/28 11:0 a.m.140 views

CVE-2015-7990

Technical details beyond the initial description are not provided in the connected documents. No public details about CVE-2015-7990 are included here; monitor for updates.

5.9CVSS6.6AI score0.00348EPSS
CVE
CVE
added 2015/03/03 11:0 a.m.139 views

CVE-2014-9683

CVE-2014-9683 describes an off-by-one error in the Linux kernel’s eCryptfs path: ecryptfs_decode_from_filename in fs/ecryptfs/crypto.c (pre-3.18.2). A crafted filename can cause a buffer overflow, leading to a denial of service and, potentially, local privilege escalation. The vulnerability is lo...

3.6CVSS5.2AI score0.00447EPSS
CVE
CVE
added 2015/08/05 6:0 p.m.134 views

CVE-2015-4167

The CVE-2015-4167 issue affects the Linux kernel UDF code: udf_read_inode in fs/udf/inode.c fails to validate certain length values, enabling local attackers with crafted UDF filesystems to trigger DoS (incorrect data representation or integer overflow, OOPS). Impact is local access with potentia...

4.7CVSS6.8AI score0.00434EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.132 views

CVE-2015-1333

CVE-2015-1333 is a memory-leak vulnerability in the Linux kernel prior to 4.1.4. The issue is in the __key_link_end function within security/keys/keyring.c, where adding a key to a keyring via add_key can allow a local attacker to exhaust memory and cause a denial of service. Public advisories an...

4.9CVSS4.9AI score0.0048EPSS
CVE
CVE
added 2015/04/21 10:0 a.m.131 views

CVE-2015-2041

CVE-2015-2041 affects Unity Linux kernels (20.1050e/20.1060e/20.1070e) where the Linux kernel before 3.19 contains an error in net/llc/sysctl_net_llc.c using an incorrect data type in a sysctl table. This local information-disclosure flaw allows an unprivileged local user to read potentially sens...

4.6CVSS5.8AI score0.00472EPSS
CVE
CVE
added 2015/10/19 10:0 a.m.131 views

CVE-2015-6252

CVE-2015-6252 refers to a vulnerability in the Linux kernel where the vhost_dev_ioctl path in drivers/vhost/vhost.c allows local users to trigger a denial of service (memory consumption) by issuing a VHOST_SET_LOG_FD ioctl that can cause permanent file-descriptor allocation. The description speci...

2.1CVSS6.1AI score0.00442EPSS
CVE
CVE
added 2015/03/02 11:0 a.m.130 views

CVE-2014-9644

CVE-2014-9644 affects the Linux kernel Crypto API prior to 3.18.5. It allows a local user to load arbitrary kernel modules by abusing a bind() call on an AF_ALG socket with a module template expression (eg, vfat(aes)) in salg_name. This is a local, privilege-related issue, separate from CVE-2013-...

2.1CVSS5.7AI score0.00552EPSS
CVE
CVE
added 2015/10/19 10:0 a.m.129 views

CVE-2015-5707

CVE-2015-5707 affects the Linux kernel sg.c sg_start_req function (drivers/scsi/sg.c) where an integer overflow can occur in write requests with a large iov_count, allowing a local attacker to cause a denial of service or potentially other impact on kernel memory. Affected are kernel versions 2.6...

4.6CVSS6.2AI score0.00493EPSS
CVE
CVE
added 2015/03/16 10:0 a.m.127 views

CVE-2015-1420

CVE-2015-1420 is a Linux kernel race condition in fs/fhandle.c (handle_to_path) up to version 3.19.1. An attacker could bypass size restrictions by manipulating handle_bytes during handle_to_path execution to trigger reads from additional memory locations, enabling local read access to memory. Th...

1.9CVSS5AI score0.00362EPSS
CVE
CVE
added 2015/03/02 11:0 a.m.126 views

CVE-2013-7421

CVE-2013-7421 : Linux kernel Crypto API flaw allows a local user to load arbitrary kernel modules via a bind() on an AF_ALG socket with a salg_name, in kernels before 3.18.5. This is the same class as CVE-2014-9644 and is addressed by the 3.18.5 fix (ChangeLog-3.18.5). Connected IBM and vendor ad...

2.1CVSS5.7AI score0.00716EPSS
Total number of security vulnerabilities80