Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:3.15.8
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-7145 |
The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2014-6418 |
net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2014-6417 |
net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2014-6416 |
Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2014-6410 |
The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2014-3631 |
The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2014-3186 |
Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2014-3185 |
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2014-3184 |
The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2014-3183 |
Heap-based buffer overflow in the logi_dj_ll_raw_request function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that specifies a large report size for an LED report. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2014-3182 |
Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2014-3181 |
Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with an event. Published: September 28, 2014; 6:55:10 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2014-5472 |
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry. Published: August 31, 2014; 9:55:28 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2014-5471 |
Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry. Published: August 31, 2014; 9:55:28 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2014-3601 |
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages. Published: August 31, 2014; 9:55:18 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2014-5207 |
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace. Published: August 18, 2014; 7:15:27 AM -0400 |
V3.x:(not available) V2.0: 6.2 MEDIUM |
CVE-2014-5206 |
The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace. Published: August 18, 2014; 7:15:27 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2014-5077 |
The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction. Published: August 01, 2014; 7:13:09 AM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2014-4943 |
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. Published: July 19, 2014; 3:55:08 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2014-3532 |
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded. Published: July 19, 2014; 3:55:07 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |