National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.1.43
There are 2,493 matching records.
Displaying matches 481 through 500.
Vuln ID Summary CVSS Severity
CVE-2017-14954

The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call.

Published: October 01, 2017; 09:29:00 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2017-12154

The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.

Published: September 26, 2017; 01:29:00 AM -04:00
V3.0: 7.1 HIGH
    V2: 3.6 LOW
CVE-2017-1000252

The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.

Published: September 26, 2017; 01:29:00 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2017-12153

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

Published: September 21, 2017; 11:29:00 AM -04:00
V3.0: 4.4 MEDIUM
    V2: 4.9 MEDIUM
CVE-2017-12168

The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) by accessing the Performance Monitors Cycle Count Register (PMCCNTR).

Published: September 20, 2017; 04:29:00 AM -04:00
V3.0: 6.0 MEDIUM
    V2: 4.9 MEDIUM
CVE-2017-14497

The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system calls.

Published: September 15, 2017; 02:29:00 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2017-14340

The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory.

Published: September 15, 2017; 07:29:00 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2017-14489

The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.

Published: September 15, 2017; 06:29:00 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2017-12146

The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides.

Published: September 08, 2017; 03:29:00 PM -04:00
V3.0: 7.0 HIGH
    V2: 6.9 MEDIUM
CVE-2017-14156

The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes.

Published: September 05, 2017; 01:29:00 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2017-14140

The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.

Published: September 05, 2017; 02:29:00 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2017-14106

The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.

Published: September 01, 2017; 12:29:00 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2017-14051

An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.

Published: August 31, 2017; 12:29:00 AM -04:00
V3.0: 4.4 MEDIUM
    V2: 4.9 MEDIUM
CVE-2017-13715

The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a single crafted MPLS packet.

Published: August 28, 2017; 09:35:13 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2017-13695

The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.

Published: August 25, 2017; 04:29:00 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2017-13694

The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.

Published: August 25, 2017; 04:29:00 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2017-13693

The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.

Published: August 25, 2017; 04:29:00 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2017-10663

The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors.

Published: August 19, 2017; 02:29:00 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2017-10662

The sanity_check_raw_super function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors.

Published: August 19, 2017; 02:29:00 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2017-10661

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.

Published: August 19, 2017; 02:29:00 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH