Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:linux:linux_kernel:4.4.77:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-16643 |
The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 07, 2017; 6:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-15306 |
The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm. Published: November 06, 2017; 1:29:00 PM -0500 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2017-16538 |
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner). Published: November 03, 2017; 9:29:37 PM -0400 |
V4.0:(not available) V3.0: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16537 |
The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 03, 2017; 9:29:37 PM -0400 |
V4.0:(not available) V3.0: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16536 |
The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 03, 2017; 9:29:37 PM -0400 |
V4.0:(not available) V3.0: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16535 |
The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 03, 2017; 9:29:37 PM -0400 |
V4.0:(not available) V3.0: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16534 |
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 03, 2017; 9:29:37 PM -0400 |
V4.0:(not available) V3.1: 6.8 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16533 |
The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 03, 2017; 9:29:37 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16532 |
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 03, 2017; 9:29:37 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16531 |
drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor. Published: November 03, 2017; 9:29:36 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16530 |
The uas driver in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to drivers/usb/storage/uas-detect.h and drivers/usb/storage/uas.c. Published: November 03, 2017; 9:29:36 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16529 |
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 03, 2017; 9:29:36 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16528 |
sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 03, 2017; 9:29:36 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16527 |
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 03, 2017; 9:29:36 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-16526 |
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device. Published: November 03, 2017; 9:29:36 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-16525 |
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup. Published: November 03, 2017; 9:29:36 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0: 7.2 HIGH |
CVE-2017-15951 |
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls. Published: October 27, 2017; 10:29:00 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-15649 |
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346. Published: October 19, 2017; 6:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2017-15537 |
The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c. Published: October 17, 2017; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2017-15265 |
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c. Published: October 16, 2017; 2:29:00 PM -0400 |
V4.0:(not available) V3.1: 7.0 HIGH V2.0: 6.9 MEDIUM |