Lucene search

216 matches found

CVE
added 2016/11/10 9:0 p.m. | 2128 views

CVE-2016-5195

CVE-2016-5195 (Dirty COW): A race condition in the Linux kernel’s memory management (mm/gup.c) allows a local user to gain write access to read-only mappings via faulty copy-on-write handling. Affected: kernel 2.x–4.x prior to 4.8.3. Exploitation was observed in the wild around Oct 2016. Impac...

7.2 CVSS | 7.8 AI score | 0.83524 EPSS
In wild
CVE
added 2016/02/08 2:0 a.m. | 412 views

CVE-2016-0728

The CVE-2016-0728 issue affects the Linux kernel up to version 4.4.1, specifically in the keyring handling path join_session_keyring() within security/keys/process_keys.c. A flaw in object reference management in an error path can allow a local, unprivileged user to escalate privileges or cause a...

7.8 CVSS | 6.5 AI score | 0.03646 EPSS
In wild
CVE
added 2016/10/10 10:0 a.m. | 399 views

CVE-2016-7117

CVE-2016-7117 describes a use-after-free in the Linux kernel’s __sys_recvmmsg() within net/socket.c, affecting kernel versions prior to 4.5.2. An attacker could trigger the corruption via a mishandled recvmmsg system call during error processing, enabling remote execution of arbitrary code. The v...

10 CVSS | 9.3 AI score | 0.24299 EPSS
CVE
added 2016/06/27 10:0 a.m. | 361 views

CVE-2016-1583

CVE-2016-1583 affects the Linux kernel: ecryptfs_privileged_open (fs/ecryptfs/kthread.c) allows a local attacker to gain privileges or cause a denial of service via crafted mmap calls for /proc pathnames, triggering recursive pagefault handling. Affects kernels prior to 4.6.3; patch released in 4...

7.8 CVSS | 7.4 AI score | 0.01393 EPSS
CVE
added 2016/04/27 5:0 p.m. | 350 views

CVE-2016-3672

CVE-2016-3672 affects the Linux kernel before 4.5.3 where arch_pick_mmap_layout in arch/x86/mm/mmap.c fails to properly randomize the legacy base address. This defeats ADDR_NO_RANDOMIZE protections and can bypass ASLR for setuid/setgid programs by disabling stack-consumption resource limits. Affe...

7.8 CVSS | 6.6 AI score | 0.0117 EPSS
CVE
added 2016/05/02 10:0 a.m. | 326 views

CVE-2016-3137

CVE-2016-3137 affects the Linux kernel driver, specifically drivers/usb/serial/cypress_m8.c, with exploitation possible via a USB device lacking interrupt endpoints. The vulnerability allows a NULL pointer dereference leading to a denial of service (system crash) and is fixed in kernel 4.5.1 (and...

4.9 CVSS | 5.3 AI score | 0.00546 EPSS
CVE
added 2016/10/16 9:0 p.m. | 324 views

CVE-2016-8666

CVE-2016-8666 affects the Linux kernel’s IP GRO path handling for tunneled/stacked packets. Public sources in connected docs show the issue in kernels before certain fixes, with Unity advisories citing fixes up to kernel 4.8.2 and earlier references noting vulnerability through 4.6 in other conte...

7.8 CVSS | 7.8 AI score | 0.047 EPSS
CVE
added 2016/11/28 3:1 a.m. | 321 views

CVE-2015-1328

CVE-2015-1328 affects the Linux kernel overlayfs by failing to properly check permissions for file creation in the upperdir when overlayfs is allowed in an arbitrary mount namespace. This enables local users to escalate to root on systems with overlayfs and user namespaces enabled, notably Ubuntu...

7.8 CVSS | 6.7 AI score | 0.37679 EPSS
CVE
added 2016/07/03 9:0 p.m. | 314 views

CVE-2016-4997

CVE-2016-4997 affects the Linux kernel netfilter IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE handling in 32/64-bit compatibility paths prior to 4.6.3, enabling local privilege escalation or memory-corruption-based denial of service when a crafted offset is supplied via in-container root access. Ex...

7.8 CVSS | 7.5 AI score | 0.05676 EPSS
CVE
added 2016/06/27 10:0 a.m. | 297 views

CVE-2016-0758

CVE-2016-0758 concerns an integer overflow in the Linux kernel’s ASN.1 DER decoder (lib/asn1_decoder.c) that could allow local privilege escalation. The Android 2016-10-05 bulletin documents this as a kernel ASN.1 decoder elevation-of-privilege issue with Critical severity, affecting Nexus device...

7.8 CVSS | 7.6 AI score | 0.00397 EPSS
CVE
added 2016/08/06 8:0 p.m. | 276 views

CVE-2016-6197

CVE-2016-6197 affects the OverlayFS implementation (fs/overlayfs/dir.c) in the Linux kernel before 4.6. The flaw allows a local user to cause a denial of service (system crash) by a rename that specifies a self-hardlink, due to incomplete verification of the upper dentry during unlink/rename. Exp...

5.5 CVSS | 5.4 AI score | 0.00486 EPSS
CVE
added 2016/11/28 3:1 a.m. | 265 views

CVE-2016-8633

CVE-2016-8633 affects the Linux kernel due to a vulnerability in drivers/firewire/net.c that can allow remote code execution when processing crafted fragmented packets on certain hardware. The connected Unity Linux advisories (UTSA-2026-003327 and related Nessus plugins) state the issue exists in...

6.8 CVSS | 8.2 AI score | 0.01765 EPSS
CVE
added 2016/05/02 10:0 a.m. | 258 views

CVE-2015-1350

CVE-2015-1350 is confirmed in the Connected documents as a vulnerability in the Linux kernel VFS subsystem (3.x) where setattr operations underspecify removal of extended privilege attributes. This can allow local users to cause a denial of service by stripping capabilities from specific processe...

5.5 CVSS | 6.3 AI score | 0.00489 EPSS
CVE
added 2016/11/28 3:1 a.m. | 254 views

CVE-2016-9555

The CVE-2016-9555 issue affects the Linux kernel SCTP implementation. The sctp_sf_ootb function in net/sctp/sm_statefuns.c lacks chunk-length checking for the first SCTP chunk, and resides in kernel versions before 4.8.8. This can permit remote attackers to cause a denial of service via out-of-bo...

10 CVSS | 9.6 AI score | 0.09144 EPSS
CVE
added 2016/10/16 9:0 p.m. | 253 views

CVE-2015-3288

CVE-2015-3288 affects the Linux kernel prior to 4.1.4. It arises from mishandling anonymous pages in mm/memory.c, allowing a local user to gain privileges or cause a denial of service by writing to page zero. The issue is fixed in 4.1.4 (per ChangeLog-4.1.4 and related advisories referenced in th...

7.8 CVSS | 7 AI score | 0.00479 EPSS
CVE
added 2016/12/28 7:42 a.m. | 251 views

CVE-2016-9794

CVE-2016-9794 is a local, use-after-free race in ALSA’s snd_pcm_period_elapsed() in the Linux kernel before 4.7. A crafted SNDRV_PCM_TRIGGER_START can trigger memory corruption, enabling a local attacker to cause a denial of service (and possibly other impact) on affected systems. Public write-up...

7.8 CVSS | 7.6 AI score | 0.00335 EPSS
CVE
added 2016/08/06 8:0 p.m. | 245 views

CVE-2016-5696

Technical details about CVE-2016-5696 are not publicly provided in the supplied connected documents; monitor for updates.

5.8 CVSS | 6.3 AI score | 0.15073 EPSS
CVE
added 2016/10/16 9:0 p.m. | 242 views

CVE-2016-6828

The vulnerability CVE-2016-6828 affects the Linux kernel and is triggered by a local attacker exploiting a use-after-free in the TCP transmit path. Specifically, the tcp_check_send_head path in include/net/tcp.h leaves SACK state in an inconsistent condition after a failed data copy, enabling a l...

5.5 CVSS | 5.8 AI score | 0.01181 EPSS
CVE
added 2016/12/08 8:8 a.m. | 238 views

CVE-2016-8655

CVE-2016-8655 describes a race condition in the Linux kernel AF_PACKET path (net/packet/af_packet.c) that, up to version 4.8.12, could allow a local user with CAP_NET_RAW to change a socket version via packet_set_ring/packet_setsockopt, leading to use-after-free, privilege escalation or DoS. Conn...

7.8 CVSS | 7.6 AI score | 0.11127 EPSS
CVE
added 2016/10/16 9:0 p.m. | 235 views

CVE-2016-7042

CVE-2016-7042: Linux kernel vulnerability where proc_keys_show (security/keys/proc.c) uses an incorrect buffer size for certain timeout data when built with gcc stack protector, enabling local denial of service by reading /proc/keys. Affects kernels up to 4.8.2; exploitation could cause stack mem...

6.2 CVSS | 6.5 AI score | 0.00395 EPSS
CVE
added 2016/12/28 7:42 a.m. | 233 views

CVE-2016-9793

The CVE-2016-9793 issue affects the Linux kernel 4.8.x lineage prior to 4.8.14. The sock_setsockopt implementation in net/core/sock.c mishandles negative values for sk_sndbuf and sk_rcvbuf, enabling a local attacker with CAP_NET_ADMIN to trigger memory corruption and a potential denial of service...

7.8 CVSS | 7.9 AI score | 0.01566 EPSS
CVE
added 2016/05/02 10:0 a.m. | 232 views

CVE-2015-1573

CVE-2015-1573 affects the Linux kernel, where nft_flush_table() in net/netfilter/nf_tables_api.c mishandles cross-chain jumps with ruleset flushes, allowing a local user with CAP_NET_ADMIN to trigger a denial of service (panic) by flushing affected rules. Affected kernel versions are those before...

5.5 CVSS | 4.9 AI score | 0.0037 EPSS
CVE
added 2016/05/02 10:0 a.m. | 230 views

CVE-2012-6689

The CVE affects the Linux kernel before 3.5.5, where net/netlink/af_netlink.c:netlink_sendmsg does not validate dst_pid, enabling local spoofing of Netlink messages. Affected product is the Linux kernel (prior to 3.5.5); impact is listed as unspecified (local) with full confidentiality/integrity/...

7.8 CVSS | 7 AI score | 0.0031 EPSS
CVE
added 2016/05/23 10:0 a.m. | 226 views

CVE-2016-4578

CVE-2016-4578 affects the Linux kernel’s ALSA timer subsystem (snd_timer_user_ccallback and snd_timer_user_tinterrupt). The provided sources confirm a local information leak: if the snd_timer interfaces are used, uninitialized r1 data can be read from kernel stack memory, enabling a local attacke...

5.5 CVSS | 5.9 AI score | 0.01213 EPSS
Web
CVE
added 2016/04/27 5:0 p.m. | 225 views

CVE-2016-3134

The CVE-2016-3134 issue affects the Linux kernel netfilter/ip_tables.c, where the mark_source_chains() path can process an IPT_SET_REPLACE entry with an unvalidated next_offset. This can lead to out-of-bounds writes that enable local privilege escalation or cause a denial of service (heap memory ...

8.4 CVSS | 6.1 AI score | 0.01234 EPSS
CVE
added 2016/11/16 4:49 a.m. | 224 views

CVE-2016-7910

CVE-2016-7910 is a Linux kernel use-after-free vulnerability in the disk_seqf_stop function (block/genhd.c) that allows a local attacker to gain elevated privileges by taking advantage of a stop operation after a failed start. Affected: Linux kernel versions before 4.7.1. Root cause: use-after-fr...

9.3 CVSS | 7.4 AI score | 0.02966 EPSS
CVE
added 2016/12/30 6:0 p.m. | 223 views

CVE-2016-10088

CVE-2016-10088 affects the Linux kernel sg path (block/bsg.c, drivers/scsi/sg.c) and is tied to KERNEL_DS handling. A local user could read/write arbitrary kernel memory or trigger use-after-free via /dev/sg, due to an incomplete fix for CVE-2016-9576. Connected advisories confirm the issue acros...

7 CVSS | 7.2 AI score | 0.00372 EPSS
CVE
added 2016/10/16 9:0 p.m. | 222 views

CVE-2016-7039

CVE-2016-7039 affects the Linux kernel IP stack up to version 4.8.2. An attacker can trigger the GRO path with large crafted packets (e.g., VLAN header packets), causing stack consumption and a possible panic/DoS; this is related to CVE-2016-8666. Nessus/UTSA advisories for Unity Linux reference ...

7.8 CVSS | 7.8 AI score | 0.07613 EPSS
CVE
added 2016/04/27 5:0 p.m. | 220 views

CVE-2016-2384

The CVE-2016-2384 issue affects the Linux kernel (snd_usbmidi_create in sound/usb/midi.c) prior to 4.5, caused by a double-free when handling an invalid USB descriptor. This can enable physically proximate attackers to trigger a denial of service (panic) or potentially other unspecified impacts. ...

4.9 CVSS | 6.9 AI score | 0.03723 EPSS
CVE
added 2016/05/23 10:0 a.m. | 217 views

CVE-2016-4913

The CVE-2016-4913 issue affects the Linux kernel (fs/isofs/rock.c) and concerns get_rock_ridge_filename mishandling of NM (alternate name) entries containing a NUL character. A local attacker mounting a crafted isofs filesystem could read kernel memory due to this information leak. The vulnerabil...

7.8 CVSS | 7.4 AI score | 0.00512 EPSS
CVE
added 2016/12/28 7:42 a.m. | 215 views

CVE-2016-9576

CVE-2016-9576 affects the Linux kernel’s SCSI generic (sg) path. The blk_rq_map_user_iov() function in block/blk-map.c did not properly restrict the iterator type, enabling a local attacker with access to /dev/sg to read or write arbitrary kernel memory or trigger a use-after-free. CVE-2016-10088...

7.8 CVSS | 7 AI score | 0.00437 EPSS
CVE
added 2016/04/27 5:0 p.m. | 214 views

CVE-2015-8812

CVE-2015-8812 affects the Linux kernel CXGB3 driver; a use-after-free in drivers/infiniband/hw/cxgb3/iwch_cm.c can be triggered by crafted packets to remotely execute code or cause a denial of service. Impact is a remote-code execution/DoS via network traffic with the vulnerability labeled as hig...

10 CVSS | 9.4 AI score | 0.14281 EPSS
CVE
added 2016/11/16 4:49 a.m. | 211 views

CVE-2016-7913

CVE-2016-7913 affects the Linux kernel tuner driver xc2028 (drivers/media/tuners/tuner-xc2028.c). The vulnerability stems from xc2028_set_config: if the firmware name is omitted from a data structure, a local attacker can trigger a use-after-free, enabling privilege escalation or a denial of serv...

9.3 CVSS | 7.7 AI score | 0.02156 EPSS
CVE
added 2016/02/08 2:0 a.m. | 210 views

CVE-2015-8767

CVE-2015-8767 affects the Linux kernel SCTP path: net/sctp/sm_sideeffect.c fails to properly synchronize a lock with a socket during heartbeat timeout processing, allowing a local attacker to cause a denial of service (deadlock) via crafted sctp_accept calls. Affected: Linux kernel before 4.3 (pe...

6.2 CVSS | 5.4 AI score | 0.00391 EPSS
CVE
added 2016/10/10 10:0 a.m. | 209 views

CVE-2015-8956

CVE-2015-8956 detailed in connected sources: The Linux kernel’s rfcomm_sock_bind in net/bluetooth/rfcomm/sock.c, vulnerable before 4.2, may allow a local attacker to obtain sensitive information or cause a denial of service (NULL pointer dereference) via a bind system call on a Bluetooth RFCOMM s...

6.1 CVSS | 6.6 AI score | 0.00225 EPSS
CVE
added 2016/11/28 3:1 a.m. | 209 views

CVE-2016-8650

CVE-2016-8650 affects the Linux kernel: the mpi_powm function in lib/mpi/mpi-pow.c can fail to allocate memory for limb data, permitting a local attacker to trigger a denial of service (stack memory corruption/panic) via an add_key RSA operation with a zero exponent. Public advisories (F5) confir...

5.5 CVSS | 5.8 AI score | 0.00406 EPSS
CVE
added 2016/02/08 2:0 a.m. | 208 views

CVE-2015-8539

CVE-2015-8539 is referenced in MiracleLinux AXSA-2018-2578 as a Linux kernel KEYS subsystem flaw fixed by updating the kernel to a version with mitigations. The vulnerability arises in the KEYS subsystem of the Linux kernel prior to 4.4, where crafted keyctl commands can negatively instantiate a ...

7.8 CVSS | 7.2 AI score | 0.00427 EPSS
CVE
added 2016/06/27 10:0 a.m. | 206 views

CVE-2016-4470

CVE-2016-4470 affects the Linux kernel keyring handling: in key_reject_and_link() an uninitialized pointer may be dereferenced after an error, enabling a local attacker to trigger a denial of service (system crash) via crafted keyctl request2. Connected advisories confirm this is a kernel issue w...

5.5 CVSS | 5.8 AI score | 0.00582 EPSS
CVE
added 2016/07/03 9:0 p.m. | 206 views

CVE-2016-4998

CVE-2016-4998 affects the Linux kernel netfilter IPT_SO_SET_REPLACE handling. The vulnerability allows a local attacker (e.g., with container/root access) to trigger an out-of-bounds read and potentially leak kernel heap memory or cause a Denial of Service by supplying a crafted offset that cross...

7.1 CVSS | 7 AI score | 0.01885 EPSS
CVE
added 2016/12/28 7:42 a.m. | 206 views

CVE-2016-9588

CVE-2016-9588 affects the Linux kernel KVM arch/x86/kvm/vmx.c: it mismanages #BP and #OF exceptions, allowing a local attacker in an L2 guest to crash the L1 guest (DoS). The issue is fixed in kernel updates after 4.9, with advisories noting upgrades to 4.9.11+ (e.g., 4.9.11-1/2, 4.9.11+ upstream...

5.5 CVSS | 5.6 AI score | 0.00425 EPSS
CVE
added 2016/08/06 8:0 p.m. | 205 views

CVE-2016-6480

CVE-2016-6480 is a race condition in the Adaptec AAC RAID driver (ioctl_send_fib in drivers/scsi/aacraid/commctrl.c) that could allow a local attacker to trigger a denial of service via an out-of-bounds access or system crash. Technical details show a TOCTTOU-like bug in FIB message handling; exp...

5.1 CVSS | 5.8 AI score | 0.00342 EPSS
CVE
added 2016/02/08 2:0 a.m. | 202 views

CVE-2013-4312

The CVE-2013-4312 issue affects the Linux kernel prior to 4.4.1, where a local attacker could bypass per-process file-descriptor limits by sending descriptors over a local UNIX domain socket before closing them, causing memory exhaustion and potential denial of service. The root cause is the hand...

6.2 CVSS | 5.7 AI score | 0.006 EPSS
CVE
added 2016/06/27 10:0 a.m. | 201 views

CVE-2016-5829

CVE-2016-5829 is a Linux kernel vulnerability in the hiddev driver (hiddev_ioctl_usage in drivers/hid/usbhid/hiddev.c) that allows a local user to trigger heap-based buffer overflows by sending crafted ioctls (HIDIOCGUSAGES or HIDIOCSUSAGES). Affected kernels are those through 4.6.3. The ...

7.8 CVSS | 7.8 AI score | 0.00462 EPSS
CVE
added 2016/05/02 10:0 a.m. | 199 views

CVE-2015-8839

CVE-2015-8839 is a Linux kernel ext4 race-condition vulnerability (before 4.5) that local users could exploit to cause denial of service or disk corruption by writing to pages belonging to other users after unsynchronized hole punching and page faults. Public documents confirm the affected compon...

5.1 CVSS | 5.1 AI score | 0.00351 EPSS
CVE
added 2016/05/23 10:0 a.m. | 197 views

CVE-2016-4565

CVE-2016-4565 affects the Linux kernel InfiniBand (IB) stack prior to 4.5.3, where certain IB interfaces improperly rely on write() semantics via a uAPI interface. This could allow a local unprivileged user to cause a denial of service (kernel memory write) and potentially other impact/escalation...

7.8 CVSS | 7.8 AI score | 0.00483 EPSS
CVE
added 2016/05/02 10:0 a.m. | 196 views

CVE-2015-8830

CVE-2015-8830 is a Linux kernel vulnerability caused by an integer overflow in the aio_setup_single_vector path (fs/aio.c) when handling a large AIO iovec. The issue could allow a local attacker to cause a denial of service or potentially other impact, as described in the CVE entry and reflected ...

7.8 CVSS | 6.4 AI score | 0.00496 EPSS
CVE
added 2016/10/16 9:0 p.m. | 193 views

CVE-2016-7097

CVE-2016-7097 is a Linux kernel vulnerability in which the setgid bit was not cleared during setxattr, allowing local users to gain group privileges if a setgid executable exists with restricted execute permissions. The issue is reported across the Linux filesystem/ACL handling and was addressed ...

4.4 CVSS | 6 AI score | 0.00377 EPSS
CVE
added 2016/10/16 9:0 p.m. | 193 views

CVE-2016-7425

CVE-2016-7425 affects the Linux kernel component arcmsr_iop_message_xfer in drivers/scsi/arcmsr/arcmsr_hba.c. The vulnerability arises because a length field is not properly restricted, enabling a local user to trigger a heap-based buffer overflow via the ARCMSR_MESSAGE_WRITE_WQBUFFER control cod...

7.8 CVSS | 7.4 AI score | 0.0043 EPSS
CVE
added 2016/11/28 3:1 a.m. | 188 views

CVE-2015-8970

CVE-2015-8970 affects the Linux kernel prior to 4.4.2. The vulnerability is in crypto/algif_skcipher.c where a setkey operation on an AF_ALG socket may not be verified before an accept system call is processed, allowing a local attacker to trigger a NULL pointer dereference and system crash via a...

5.5 CVSS | 5.4 AI score | 0.00504 EPSS
CVE
added 2016/10/16 9:0 p.m. | 185 views

CVE-2016-8658

CVE-2016-8658: Stack-based buffer overflow in brcmf_cfg80211_start_ap (Linux kernel, brcmfmac cfg80211) before 4.7.5. Exploitation path involves sending a Netlink command with a long SSID Information Element, enabling a local attacker to trigger a denial-of-service (system crash) or potentially o...

6.1 CVSS | 6.9 AI score | 0.00647 EPSS
Total number of security vulnerabilities: 216