Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:3.10
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-6781 |
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31095175. References: MT-ALPS02943455. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.0 HIGH V2.0: 9.3 HIGH |
CVE-2016-6780 |
An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31251496. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.0 HIGH V2.0: 7.6 HIGH |
CVE-2016-6779 |
An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31386004. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.0 HIGH V2.0: 7.6 HIGH |
CVE-2016-6778 |
An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31384646. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.0 HIGH V2.0: 7.6 HIGH |
CVE-2016-6777 |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31910462. References: N-CVE-2016-6777. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2016-6776 |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31680980. References: N-CVE-2016-6776. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2016-6775 |
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31222873. References: N-CVE-2016-6775. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2016-6761 |
An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29421682. References: QC-CR#1055792. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2016-6760 |
An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29617572. References: QC-CR#1055783. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2016-6759 |
An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29982686. References: QC-CR#1055766. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2016-6758 |
An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30148882. References: QC-CR#1071731. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2016-6757 |
An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30148242. References: QC-CR#1052821. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 4.7 MEDIUM V2.0: 2.6 LOW |
CVE-2016-6756 |
An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29464815. References: QC-CR#1042068. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 4.7 MEDIUM V2.0: 2.6 LOW |
CVE-2016-6755 |
An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30740545. References: QC-CR#1065916. Published: January 12, 2017; 10:59:00 AM -0500 |
V3.0: 7.0 HIGH V2.0: 7.6 HIGH |
CVE-2016-9754 |
The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file. Published: January 05, 2017; 6:59:00 AM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-10088 |
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576. Published: December 30, 2016; 1:59:00 PM -0500 |
V3.1: 7.0 HIGH V2.0: 6.9 MEDIUM |
CVE-2016-9794 |
Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command. Published: December 28, 2016; 2:59:00 AM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-9793 |
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option. Published: December 28, 2016; 2:59:00 AM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-9756 |
arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. Published: December 28, 2016; 2:59:00 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2016-9755 |
The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c. Published: December 28, 2016; 2:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |