VYPR

Vendor CVEs

Linux

All CVEs

15,999 total · sorted by risk
  • CVE-2017-12193MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.00

    The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the…

  • CVE-2017-15306MedNov 6, 2017
    risk 0.36cvss 5.5epss 0.00

    The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm.

  • CVE-2017-1000255MedOct 30, 2017
    risk 0.36cvss 5.5epss 0.00

    On Linux running on PowerPC hardware (Power8 or later) a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception (interrupt), and use the r1 value *from the signal frame* as the kernel stack pointer. As part of the exception entry…

  • CVE-2017-15537MedOct 17, 2017
    risk 0.36cvss 5.5epss 0.00

    The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call,…

  • CVE-2017-15299MedOct 14, 2017
    risk 0.36cvss 5.5epss 0.01

    The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a…

  • CVE-2017-15274MedOct 12, 2017
    risk 0.36cvss 5.5epss 0.00

    security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system…

  • CVE-2017-12192MedOct 12, 2017
    risk 0.36cvss 5.5epss 0.00

    The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system…

  • CVE-2017-14991MedOct 4, 2017
    risk 0.36cvss 5.5epss 0.00

    The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.

  • CVE-2017-14954MedOct 2, 2017
    risk 0.36cvss 5.5epss 0.01

    The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call.

  • CVE-2017-1000252MedSep 26, 2017
    risk 0.36cvss 5.5epss 0.00

    The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.

  • CVE-2017-14340MedSep 15, 2017
    risk 0.36cvss 5.5epss 0.00

    The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT…

  • CVE-2017-14156MedSep 5, 2017
    risk 0.36cvss 5.5epss 0.00

    The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes.

  • CVE-2017-14140MedSep 5, 2017
    risk 0.36cvss 5.5epss 0.00

    The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.

  • CVE-2017-14106MedSep 1, 2017
    risk 0.36cvss 5.5epss 0.00

    The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.

  • CVE-2017-13695MedAug 25, 2017
    risk 0.36cvss 5.5epss 0.00

    The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection…

  • CVE-2017-13694MedAug 25, 2017
    risk 0.36cvss 5.5epss 0.00

    The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the…

  • CVE-2017-13693MedAug 25, 2017
    risk 0.36cvss 5.5epss 0.00

    The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection…

  • CVE-2017-7542MedJul 21, 2017
    risk 0.36cvss 5.5epss 0.00

    The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.

  • CVE-2017-1000380MedJun 17, 2017
    risk 0.36cvss 5.5epss 0.01

    sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl…

  • CVE-2017-9605MedJun 13, 2017
    risk 0.36cvss 5.5epss 0.00

    The vmw_gb_surface_define_ioctl function (accessible via DRM_IOCTL_VMW_GB_SURFACE_CREATE) in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.11.4 defines a backup_handle variable but does not give it an initial value. If one attempts to create a GB surface,…

  • CVE-2017-9242MedMay 27, 2017
    risk 0.36cvss 5.5epss 0.00

    The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.

  • CVE-2017-9211MedMay 23, 2017
    risk 0.36cvss 5.5epss 0.00

    The crypto_skcipher_init_tfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service (NULL pointer dereference) via a crafted application.

  • CVE-2017-9059MedMay 18, 2017
    risk 0.36cvss 5.5epss 0.00

    The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak.

  • CVE-2017-7495MedMay 15, 2017
    risk 0.36cvss 5.5epss 0.00

    fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset,…

  • CVE-2017-8925MedMay 12, 2017
    risk 0.36cvss 5.5epss 0.00

    The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.

  • CVE-2017-0626MedMay 12, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user…

  • CVE-2017-0624MedMay 12, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission.…

  • CVE-2016-10292MedMay 12, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in the Qualcomm Wi-Fi driver could enable a proximate attacker to cause a denial of service in the Wi-Fi subsystem. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10,…

  • CVE-2017-8106MedApr 24, 2017
    risk 0.36cvss 5.5epss 0.00

    The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.

  • CVE-2017-8071MedApr 23, 2017
    risk 0.36cvss 5.5epss 0.00

    drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service (deadlock) via unspecified vectors.

  • CVE-2017-7616MedApr 10, 2017
    risk 0.36cvss 5.5epss 0.00

    Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

  • CVE-2017-7346MedMar 30, 2017
    risk 0.36cvss 5.5epss 0.00

    The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD*…

  • CVE-2017-7261MedMar 24, 2017
    risk 0.36cvss 5.5epss 0.00

    The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly…

  • CVE-2017-6951MedMar 16, 2017
    risk 0.36cvss 5.5epss 0.00

    The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.

  • CVE-2017-0336MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:…

  • CVE-2017-0334MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:…

  • CVE-2016-8483MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission.…

  • CVE-2017-6353MedMar 1, 2017
    risk 0.36cvss 5.5epss 0.00

    net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this…

  • CVE-2017-6348MedMar 1, 2017
    risk 0.36cvss 5.5epss 0.00

    The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.

  • CVE-2017-5986MedFeb 18, 2017
    risk 0.36cvss 5.5epss 0.01

    Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.

  • CVE-2017-0448MedFeb 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:…

  • CVE-2017-5577MedFeb 6, 2017
    risk 0.36cvss 5.5epss 0.00

    The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via…

  • CVE-2017-5550MedFeb 6, 2017
    risk 0.36cvss 5.5epss 0.00

    Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release…

  • CVE-2017-5549MedFeb 6, 2017
    risk 0.36cvss 5.5epss 0.00

    The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the log.

  • CVE-2016-8463MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions:…

  • CVE-2016-8461MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data. Product: Android. Versions: Kernel-3.18. Android ID: A-32369621.

  • CVE-2016-8460MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:…

  • CVE-2016-8400MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the NVIDIA librm library (libnvrm) could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission.…

  • CVE-2016-8397MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:…

  • CVE-2016-9756MedDec 28, 2016
    risk 0.36cvss 5.5epss 0.00

    arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Page 197 of 320