Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:linux:linux_kernel:4.5:rc3:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-4470 |
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command. Published: June 27, 2016; 6:59:08 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2016-4440 |
arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode. Published: June 27, 2016; 6:59:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-3713 |
The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call. Published: June 27, 2016; 6:59:05 AM -0400 |
V3.0: 7.1 HIGH V2.0: 5.6 MEDIUM |
CVE-2016-1583 |
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. Published: June 27, 2016; 6:59:03 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-4171 |
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016. Published: June 16, 2016; 10:59:51 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2016-4951 |
The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit operation. Published: May 23, 2016; 6:59:15 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-4913 |
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem. Published: May 23, 2016; 6:59:14 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-4805 |
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions. Published: May 23, 2016; 6:59:13 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-4794 |
Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls. Published: May 23, 2016; 6:59:12 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-4581 |
fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls. Published: May 23, 2016; 6:59:11 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2016-4580 |
The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request. Published: May 23, 2016; 6:59:10 AM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-4578 |
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions. Published: May 23, 2016; 6:59:09 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2016-4569 |
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface. Published: May 23, 2016; 6:59:08 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2016-4568 |
drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a crafted number of planes in a VIDIOC_DQBUF ioctl call. Published: May 23, 2016; 6:59:07 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-4565 |
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface. Published: May 23, 2016; 6:59:05 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-4558 |
The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb of memory, related to the program reference count or (2) a 1 Tb system, related to the map reference count. Published: May 23, 2016; 6:59:04 AM -0400 |
V3.1: 7.0 HIGH V2.0: 6.9 MEDIUM |
CVE-2016-4557 |
The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor. Published: May 23, 2016; 6:59:03 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-4486 |
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message. Published: May 23, 2016; 6:59:02 AM -0400 |
V3.0: 3.3 LOW V2.0: 2.1 LOW |
CVE-2016-4485 |
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message. Published: May 23, 2016; 6:59:01 AM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-4482 |
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. Published: May 23, 2016; 6:59:00 AM -0400 |
V3.0: 6.2 MEDIUM V2.0: 2.1 LOW |