VYPR

Kernel

by Linux

Source repositories

CVEs (15,869)

  • CVE-2006-5331MedOct 29, 2017
    risk 0.29cvss 5.5epss 0.00

    The altivec_unavailable_exception function in arch/powerpc/kernel/traps.c in the Linux kernel before 2.6.19 on 64-bit systems mishandles the case where CONFIG_ALTIVEC is defined and the CPU actually supports Altivec, but the Altivec support was not detected by the kernel, which…

  • CVE-2017-12153MedSep 21, 2017
    risk 0.29cvss 4.4epss 0.00

    A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the…

  • CVE-2015-7837MedSep 19, 2017
    risk 0.29cvss 5.5epss 0.00

    The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec…

  • CVE-2017-14051MedAug 31, 2017
    risk 0.29cvss 4.4epss 0.00

    An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.

  • CVE-2006-3635MedAug 7, 2017
    risk 0.29cvss 5.5epss 0.01

    The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of invalid Register Stack Engine (RSE) state.

  • CVE-2010-5329MedApr 24, 2017
    risk 0.29cvss 5.5epss 0.00

    The video_usercopy function in drivers/media/video/v4l2-ioctl.c in the Linux kernel before 2.6.39 relies on the count value of a v4l2_ext_controls data structure to determine a kmalloc size, which might allow local users to cause a denial of service (memory consumption) via a…

  • CVE-2017-5551MedFeb 6, 2017
    risk 0.29cvss 4.4epss 0.00

    The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on…

  • CVE-2016-10154MedFeb 6, 2017
    risk 0.29cvss 5.5epss 0.00

    The smbhash function in fs/cifs/smbencrypt.c in the Linux kernel 4.9.x before 4.9.1 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by…

  • CVE-2010-5328MedFeb 6, 2017
    risk 0.29cvss 5.5epss 0.00

    include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service (system crash) by leveraging access to this process group.

  • CVE-2016-10147MedJan 18, 2017
    risk 0.29cvss 5.5epss 0.00

    crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5).

  • CVE-2015-8970MedNov 28, 2016
    risk 0.29cvss 5.5epss 0.01

    crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash)…

  • CVE-2015-8964MedNov 16, 2016
    risk 0.29cvss 5.5epss 0.01

    The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.

  • CVE-2016-7097MedOct 16, 2016
    risk 0.29cvss 4.4epss 0.00

    The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.

  • CVE-2015-8953MedOct 16, 2016
    risk 0.29cvss 5.5epss 0.01

    fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service (dentry reference leak) via filesystem operations on a large file in a lower overlayfs layer.

  • CVE-2015-8952MedOct 16, 2016
    risk 0.29cvss 5.5epss 0.00

    The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as…

  • CVE-2015-8950MedOct 10, 2016
    risk 0.29cvss 5.5epss 0.01

    arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.

  • CVE-2015-8944MedAug 6, 2016
    risk 0.29cvss 5.5epss 0.01

    The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information by reading this file, aka…

  • CVE-2014-9900MedAug 6, 2016
    risk 0.29cvss 5.5epss 0.01

    The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted…

  • CVE-2014-9895MedAug 6, 2016
    risk 0.29cvss 5.5epss 0.01

    drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a crafted application, aka…

  • CVE-2014-9892MedAug 6, 2016
    risk 0.29cvss 5.5epss 0.01

    The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information…

Page 575 of 794