Lucene search

K
LinuxLinux Kernel

18 matches found

CVE
CVE
added 2014/09/28 10:55 a.m.190 views

CVE-2012-6657

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket.

4.9CVSS6.6AI score0.00122EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.185 views

CVE-2014-6410

The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode.

4.7CVSS5.8AI score0.00068EPSS
CVE
CVE
added 2014/09/01 1:55 a.m.116 views

CVE-2014-5471

Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a direc...

4CVSS5.6AI score0.00117EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.110 views

CVE-2014-7145

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.

7.8CVSS6.4AI score0.01212EPSS
CVE
CVE
added 2014/09/01 1:55 a.m.107 views

CVE-2014-5472

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry.

4CVSS5.5AI score0.00076EPSS
CVE
CVE
added 2014/09/28 7:55 p.m.98 views

CVE-2014-0205

The futex_wait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application t...

6.9CVSS7.4AI score0.00041EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.97 views

CVE-2014-3184

The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-...

4.7CVSS6.7AI score0.00068EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.94 views

CVE-2014-3181

Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a craft...

6.9CVSS6.8AI score0.00126EPSS
CVE
CVE
added 2014/09/01 1:55 a.m.93 views

CVE-2014-3601

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by t...

4.3CVSS6.6AI score0.00368EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.88 views

CVE-2014-3185

Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash...

6.9CVSS6.7AI score0.00103EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.80 views

CVE-2014-6416

Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket.

7.8CVSS8.1AI score0.03863EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.76 views

CVE-2014-3186

Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbit...

6.9CVSS6.9AI score0.00121EPSS
CVE
CVE
added 2014/09/28 7:55 p.m.74 views

CVE-2014-3535

include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface.

7.8CVSS5.1AI score0.00821EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.74 views

CVE-2014-3631

The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified o...

7.2CVSS6.4AI score0.00364EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.73 views

CVE-2014-3182

Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE...

6.9CVSS6.5AI score0.00142EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.58 views

CVE-2014-3183

Heap-based buffer overflow in the logi_dj_ll_raw_request function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that specifies a large repor...

6.9CVSS7.9AI score0.00165EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.56 views

CVE-2014-6417

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket.

7.8CVSS7.6AI score0.05588EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.55 views

CVE-2014-6418

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor.

7.1CVSS7.7AI score0.05251EPSS