U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:4.7.2
There are 1,264 matching records.
Displaying matches 1,241 through 1,260.
Vuln ID Summary CVSS Severity
CVE-2016-9084

drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.

Published: November 27, 2016; 10:59:12 PM -0500
V4.0:(not available)
V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2016-9083

drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug."

Published: November 27, 2016; 10:59:11 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-8650

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

Published: November 27, 2016; 10:59:09 PM -0500
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-8645

The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.

Published: November 27, 2016; 10:59:07 PM -0500
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-8633

drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.

Published: November 27, 2016; 10:59:06 PM -0500
V4.0:(not available)
V3.0: 6.8 MEDIUM
V2.0: 6.2 MEDIUM
CVE-2016-8632

The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.

Published: November 27, 2016; 10:59:04 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-8630

The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel before 4.8.7, when KVM is enabled, allows local users to cause a denial of service (host OS crash) via a certain use of a ModR/M byte in an undefined instruction.

Published: November 27, 2016; 10:59:03 PM -0500
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Published: November 10, 2016; 4:59:00 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-8660

The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a "page lock order bug in the XFS seek hole/data implementation."

Published: October 16, 2016; 5:59:14 PM -0400
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-8658

Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket.

Published: October 16, 2016; 5:59:13 PM -0400
V4.0:(not available)
V3.0: 6.1 MEDIUM
V2.0: 5.6 MEDIUM
CVE-2016-7425

The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.

Published: October 16, 2016; 5:59:12 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-7097

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.

Published: October 16, 2016; 5:59:11 PM -0400
V4.0:(not available)
V3.0: 4.4 MEDIUM
V2.0: 3.6 LOW
CVE-2016-7042

The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.

Published: October 16, 2016; 5:59:10 PM -0400
V4.0:(not available)
V3.0: 6.2 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-7039

The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.

Published: October 16, 2016; 5:59:09 PM -0400
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2016-6828

The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.

Published: October 16, 2016; 5:59:08 PM -0400
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2015-0571

The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c.

Published: May 09, 2016; 6:59:02 AM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2015-0570

Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element.

Published: May 09, 2016; 6:59:01 AM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2015-0569

Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that establishes a packet filter.

Published: May 09, 2016; 6:59:00 AM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-2854

The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.

Published: May 02, 2016; 6:59:34 AM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2016-2853

The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.

Published: May 02, 2016; 6:59:33 AM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 4.4 MEDIUM