Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:4.1:rc5:*:*:*:*:*:*
There are 866 matching records.
Displaying matches 681 through 700.
Vuln ID Summary CVSS Severity
CVE-2017-2583

The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.

Published: February 06, 2017; 1:59:00 AM -0500
V3.0: 8.4 HIGH
V2.0: 4.6 MEDIUM
CVE-2016-10208

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.

Published: February 06, 2017; 1:59:00 AM -0500
V3.0: 4.3 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-10150

Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.

Published: February 06, 2017; 1:59:00 AM -0500
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2016-10147

crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5).

Published: January 18, 2017; 4:59:00 PM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2017-2584

arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.

Published: January 14, 2017; 9:59:02 PM -0500
V3.0: 7.1 HIGH
V2.0: 3.6 LOW
CVE-2016-9754

The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.

Published: January 05, 2017; 6:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-10088

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.

Published: December 30, 2016; 1:59:00 PM -0500
V3.0: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2016-9806

Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-9794

Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-9793

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-9777

KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 6.9 MEDIUM
CVE-2016-9756

arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2016-9755

The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2016-9685

Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-9588

arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2016-9576

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-6213

fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the number of mounts.

Published: December 28, 2016; 2:59:00 AM -0500
V3.0: 4.7 MEDIUM
V2.0: 4.7 MEDIUM
CVE-2016-9120

Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time.

Published: December 08, 2016; 4:59:02 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2015-8966

arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call.

Published: December 08, 2016; 4:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-9919

The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.

Published: December 08, 2016; 12:59:03 PM -0500
V3.0: 7.5 HIGH
V2.0: 7.8 HIGH