Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.3.39
There are 1,769 matching records.
Displaying matches 741 through 760.
Vuln ID Summary CVSS Severity
CVE-2016-10088

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.

Published: December 30, 2016; 1:59:00 PM -0500
V3.0: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2016-9806

Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-9794

Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-9793

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-9777

KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 6.9 MEDIUM
CVE-2016-9756

arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2016-9755

The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2016-9685

Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-9588

arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2016-9576

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-6787

kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 31095224.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2016-6786

kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 30955111.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2016-6213

fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the number of mounts.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 4.7 MEDIUM
V2.0: 4.7 MEDIUM
CVE-2012-6704

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-9120

Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time.

Published: December 08, 2016; 4:59:02 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2015-8967

arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access.

Published: December 08, 2016; 4:59:01 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2015-8966

arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call.

Published: December 08, 2016; 4:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-9919

The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.

Published: December 08, 2016; 12:59:03 PM -0500
V3.0: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2016-8655

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

Published: December 08, 2016; 3:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-9555

The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.

Published: November 27, 2016; 10:59:17 PM -0500
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH