National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:3.14:rc3
There are 688 matching records.
Displaying matches 521 through 540.
Vuln ID Summary CVSS Severity
CVE-2015-8844

The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

Published: April 27, 2016; 01:59:04 PM -04:00
V3: 5.5 MEDIUM
V2: 4.7 MEDIUM
CVE-2015-8816

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.

Published: April 27, 2016; 01:59:03 PM -04:00
V3: 6.8 MEDIUM
V2: 7.2 HIGH
CVE-2015-8812

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.

Published: April 27, 2016; 01:59:02 PM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2015-1339

Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.

Published: April 27, 2016; 01:59:00 PM -04:00
V3: 6.2 MEDIUM
V2: 4.9 MEDIUM
CVE-2015-8551

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."

Published: April 13, 2016; 11:59:05 AM -04:00
V3: 5.3 MEDIUM
V2: 4.7 MEDIUM
CVE-2016-0823

The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721.

Published: March 12, 2016; 04:59:08 PM -05:00
V3: 4.0 MEDIUM
V2: 2.1 LOW
CVE-2016-0728

The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.

Published: February 07, 2016; 10:59:10 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2016-0723

Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.

Published: February 07, 2016; 10:59:09 PM -05:00
V3: 6.8 MEDIUM
V2: 5.6 MEDIUM
CVE-2015-8767

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

Published: February 07, 2016; 10:59:06 PM -05:00
V3: 6.2 MEDIUM
V2: 4.9 MEDIUM
CVE-2015-8709

** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here."

Published: February 07, 2016; 10:59:05 PM -05:00
V3: 7.0 HIGH
V2: 6.9 MEDIUM
CVE-2015-8575

The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Published: February 07, 2016; 10:59:04 PM -05:00
V3: 4.0 MEDIUM
V2: 2.1 LOW
CVE-2015-7566

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.

Published: February 07, 2016; 10:59:03 PM -05:00
V3: 4.6 MEDIUM
V2: 4.9 MEDIUM
CVE-2015-7550

The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.

Published: February 07, 2016; 10:59:02 PM -05:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2013-4312

The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.

Published: February 07, 2016; 10:59:00 PM -05:00
V3: 6.2 MEDIUM
V2: 4.9 MEDIUM
CVE-2015-8660

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.

Published: December 28, 2015; 06:59:08 AM -05:00
V3: 6.7 MEDIUM
V2: 7.2 HIGH
CVE-2015-8569

The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Published: December 28, 2015; 06:59:07 AM -05:00
V3: 2.3 LOW
V2: 1.9 LOW
CVE-2015-8543

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.

Published: December 28, 2015; 06:59:06 AM -05:00
V3: 7.0 HIGH
V2: 6.9 MEDIUM
CVE-2015-8374

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.

Published: December 28, 2015; 06:59:05 AM -05:00
V3: 4.0 MEDIUM
V2: 2.1 LOW
CVE-2015-7990

Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.

Published: December 28, 2015; 06:59:04 AM -05:00
V3: 5.8 MEDIUM
V2: 5.9 MEDIUM
CVE-2015-7885

The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

Published: December 28, 2015; 06:59:03 AM -05:00
V3: 2.3 LOW
V2: 2.1 LOW