VYPR

Vendor CVEs

Linux

All CVEs

15,975 total · sorted by risk
  • CVE-2017-8067HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/char/virtio_console.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by…

  • CVE-2017-8066HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/net/can/usb/gs_usb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.2 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by…

  • CVE-2017-8065HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of…

  • CVE-2017-8064HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other…

  • CVE-2017-8063HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact by leveraging use of more…

  • CVE-2017-8062HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and 4.10.x before 4.10.4 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by…

  • CVE-2017-8061HigApr 23, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x and 4.10.x before 4.10.7 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other…

  • CVE-2017-7979HigApr 19, 2017
    risk 0.51cvss 7.8epss 0.00

    The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized memory access and refcount underflow, and system…

  • CVE-2017-7889HigApr 17, 2017
    risk 0.51cvss 7.8epss 0.00

    The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an…

  • CVE-2017-0564HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.04

    An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0563HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-5870HigApr 4, 2017
    risk 0.51cvss 7.8epss 0.00

    The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL…

  • CVE-2017-7374HigMar 31, 2017
    risk 0.51cvss 7.8epss 0.01

    Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic…

  • CVE-2017-2647HigMar 31, 2017
    risk 0.51cvss 7.8epss 0.00

    The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in…

  • CVE-2017-7294HigMar 29, 2017
    risk 0.51cvss 7.8epss 0.00

    The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service…

  • CVE-2017-7187HigMar 20, 2017
    risk 0.51cvss 7.8epss 0.00

    The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to…

  • CVE-2017-7184HigMar 19, 2017
    risk 0.51cvss 7.8epss 0.02

    The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by…

  • CVE-2017-0528HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or…

  • CVE-2017-0510HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0508HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0507HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0455HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in…

  • CVE-2017-0338HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0337HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0335HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0333HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0307HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0306HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-8479HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-6347HigMar 1, 2017
    risk 0.51cvss 7.8epss 0.00

    The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system…

  • CVE-2017-6345HigMar 1, 2017
    risk 0.51cvss 7.8epss 0.00

    The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.

  • CVE-2017-5669HigFeb 24, 2017
    risk 0.51cvss 7.8epss 0.00

    The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by…

  • CVE-2016-8636HigFeb 22, 2017
    risk 0.51cvss 7.8epss 0.01

    Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other…

  • CVE-2017-0430HigFeb 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0429HigFeb 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0428HigFeb 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2017-0427HigFeb 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-2779HigFeb 7, 2017
    risk 0.51cvss 7.8epss 0.00

    runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

  • CVE-2017-5576HigFeb 6, 2017
    risk 0.51cvss 7.8epss 0.00

    Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl…

  • CVE-2017-5548HigFeb 6, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of…

  • CVE-2017-5547HigFeb 6, 2017
    risk 0.51cvss 7.8epss 0.00

    drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more…

  • CVE-2017-5546HigFeb 6, 2017
    risk 0.51cvss 7.8epss 0.00

    The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possibly have unspecified other impact in opportunistic circumstances by leveraging…

  • CVE-2016-8443HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.00

    Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. References: QC-CR#964185.

  • CVE-2016-8442HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.00

    Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-31625910. QC-CR#1038173.

  • CVE-2016-8441HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.00

    Possible buffer overflow in the hypervisor. Inappropriate usage of a static array could lead to a buffer overrun. Product: Android. Versions: Kernel 3.18. Android ID: A-31625904. References: QC-CR#1027769.

  • CVE-2016-8436HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-8432HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-8431HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-8430HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-8429HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

Page 40 of 320