National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:3.14:rc3
There are 707 matching records.
Displaying matches 521 through 540.
Vuln ID Summary CVSS Severity
CVE-2016-3672

The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits.

Published: April 27, 2016; 01:59:27 PM -04:00
V3: 7.8 HIGH
V2: 4.6 MEDIUM
CVE-2016-3156

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.

Published: April 27, 2016; 01:59:26 PM -04:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2016-3139

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

Published: April 27, 2016; 01:59:24 PM -04:00
V3: 4.6 MEDIUM
V2: 4.9 MEDIUM
CVE-2016-3135

Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

Published: April 27, 2016; 01:59:23 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2016-3134

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

Published: April 27, 2016; 01:59:22 PM -04:00
V3: 8.4 HIGH
V2: 7.2 HIGH
CVE-2016-2847

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.

Published: April 27, 2016; 01:59:21 PM -04:00
V3: 6.2 MEDIUM
V2: 4.9 MEDIUM
CVE-2016-2550

The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by leveraging incorrect tracking of descriptor ownership and sending each descriptor over a UNIX socket before closing it. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-4312.

Published: April 27, 2016; 01:59:19 PM -04:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2016-2549

sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service (deadlock) via a crafted ioctl call.

Published: April 27, 2016; 01:59:18 PM -04:00
V3: 6.2 MEDIUM
V2: 2.1 LOW
CVE-2016-2548

sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions.

Published: April 27, 2016; 01:59:18 PM -04:00
V3: 6.2 MEDIUM
V2: 4.9 MEDIUM
CVE-2016-2547

sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.

Published: April 27, 2016; 01:59:17 PM -04:00
V3: 5.1 MEDIUM
V2: 4.7 MEDIUM
CVE-2016-2546

sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.

Published: April 27, 2016; 01:59:16 PM -04:00
V3: 5.1 MEDIUM
V2: 4.7 MEDIUM
CVE-2016-2545

The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call.

Published: April 27, 2016; 01:59:15 PM -04:00
V3: 5.1 MEDIUM
V2: 4.7 MEDIUM
CVE-2016-2544

Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time.

Published: April 27, 2016; 01:59:13 PM -04:00
V3: 5.1 MEDIUM
V2: 4.7 MEDIUM
CVE-2016-2543

The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call.

Published: April 27, 2016; 01:59:12 PM -04:00
V3: 6.2 MEDIUM
V2: 4.9 MEDIUM
CVE-2016-2384

Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.

Published: April 27, 2016; 01:59:11 PM -04:00
V3: 4.6 MEDIUM
V2: 4.9 MEDIUM
CVE-2016-2184

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.

Published: April 27, 2016; 01:59:09 PM -04:00
V3: 4.6 MEDIUM
V2: 4.9 MEDIUM
CVE-2016-2085

The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack.

Published: April 27, 2016; 01:59:07 PM -04:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2016-2069

Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.

Published: April 27, 2016; 01:59:07 PM -04:00
V3: 7.4 HIGH
V2: 4.4 MEDIUM
CVE-2015-8845

The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

Published: April 27, 2016; 01:59:05 PM -04:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2015-8844

The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

Published: April 27, 2016; 01:59:04 PM -04:00
V3: 5.5 MEDIUM
V2: 4.7 MEDIUM