Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:4.1:rc5:*:*:*:*:*:*
There are 866 matching records.
Displaying matches 821 through 840.
Vuln ID Summary CVSS Severity
CVE-2016-2384

Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.

Published: April 27, 2016; 1:59:11 PM -0400
V3.0: 4.6 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-2184

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.

Published: April 27, 2016; 1:59:09 PM -0400
V3.0: 4.6 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-2085

The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack.

Published: April 27, 2016; 1:59:07 PM -0400
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2016-2069

Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.

Published: April 27, 2016; 1:59:07 PM -0400
V3.0: 7.4 HIGH
V2.0: 4.4 MEDIUM
CVE-2015-8845

The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

Published: April 27, 2016; 1:59:05 PM -0400
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2015-8844

The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

Published: April 27, 2016; 1:59:04 PM -0400
V3.0: 5.5 MEDIUM
V2.0: 4.7 MEDIUM
CVE-2015-8816

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.

Published: April 27, 2016; 1:59:03 PM -0400
V3.0: 6.8 MEDIUM
V2.0: 7.2 HIGH
CVE-2015-8812

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.

Published: April 27, 2016; 1:59:02 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2015-1339

Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.

Published: April 27, 2016; 1:59:00 PM -0400
V3.0: 6.2 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-0728

The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.

Published: February 07, 2016; 10:59:10 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-0723

Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.

Published: February 07, 2016; 10:59:09 PM -0500
V3.0: 6.8 MEDIUM
V2.0: 5.6 MEDIUM
CVE-2015-8767

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

Published: February 07, 2016; 10:59:06 PM -0500
V3.0: 6.2 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2015-8709

** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here."

Published: February 07, 2016; 10:59:05 PM -0500
V3.0: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2015-8575

The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Published: February 07, 2016; 10:59:04 PM -0500
V3.0: 4.0 MEDIUM
V2.0: 2.1 LOW
CVE-2015-7566

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.

Published: February 07, 2016; 10:59:03 PM -0500
V3.0: 4.6 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2015-7550

The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.

Published: February 07, 2016; 10:59:02 PM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2013-4312

The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.

Published: February 07, 2016; 10:59:00 PM -0500
V3.0: 6.2 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2015-8660

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.

Published: December 28, 2015; 6:59:08 AM -0500
V3.0: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2015-8569

The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Published: December 28, 2015; 6:59:07 AM -0500
V3.0: 2.3 LOW
V2.0: 1.9 LOW
CVE-2015-8543

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.

Published: December 28, 2015; 6:59:06 AM -0500
V3.0: 7.0 HIGH
V2.0: 6.9 MEDIUM