National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.22.20
There are 1,294 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2017-17053

The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program. This vulnerability only affected kernels built with CONFIG_MODIFY_LDT_SYSCALL=y.

Published: November 28, 2017; 10:29:00 PM -05:00
V3: 7.0 HIGH
V2: 6.9 MEDIUM
CVE-2017-17052

The mm_init function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the ->exe_file member of a new process's mm_struct, allowing a local attacker to achieve a use-after-free or possibly have unspecified other impact by running a specially crafted program.

Published: November 28, 2017; 10:29:00 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-16994

The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.

Published: November 27, 2017; 02:29:00 PM -05:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2017-16939

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.

Published: November 24, 2017; 05:29:00 AM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-12193

The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.

Published: November 22, 2017; 01:29:00 PM -05:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2017-12190

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.

Published: November 22, 2017; 01:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2017-15115

The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.

Published: November 15, 2017; 04:29:00 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-15102

The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference.

Published: November 15, 2017; 04:29:00 PM -05:00
V3: 6.3 MEDIUM
V2: 6.9 MEDIUM
CVE-2017-16650

The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.

Published: November 07, 2017; 06:29:00 PM -05:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH
CVE-2017-16649

The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.

Published: November 07, 2017; 06:29:00 PM -05:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH
CVE-2017-16648

The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. NOTE: the function was later renamed __dvb_frontend_free.

Published: November 07, 2017; 06:29:00 PM -05:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH
CVE-2017-16647

drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

Published: November 07, 2017; 06:29:00 PM -05:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH
CVE-2017-16646

drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or possibly have unspecified other impact via a crafted USB device.

Published: November 07, 2017; 06:29:00 PM -05:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH
CVE-2017-16645

The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.

Published: November 07, 2017; 06:29:00 PM -05:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH
CVE-2017-16644

The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.

Published: November 07, 2017; 06:29:00 PM -05:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH
CVE-2017-16643

The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.

Published: November 07, 2017; 06:29:00 PM -05:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH
CVE-2017-15306

The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm.

Published: November 06, 2017; 01:29:00 PM -05:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2017-16538

drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner).

Published: November 03, 2017; 09:29:37 PM -04:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH
CVE-2017-16537

The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

Published: November 03, 2017; 09:29:37 PM -04:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH
CVE-2017-16536

The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

Published: November 03, 2017; 09:29:37 PM -04:00
V3: 6.6 MEDIUM
V2: 7.2 HIGH