Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_kernel
(Linux)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/mjg59/linux • https://github.com/stoth68000/media-tree • https://github.com/acpica/acpica • https://github.com/derrekr/android_security |
| #Vulnerabilities | 5074 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-02-06 | CVE-2016-10150 | Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device. | Linux_kernel | 9.8 | ||
| 2017-04-28 | CVE-2017-7895 | The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. | Debian_linux, Linux_kernel | 9.8 | ||
| 2017-05-02 | CVE-2015-9004 | kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions. | Android, Linux_kernel | 7.8 | ||
| 2017-07-20 | CVE-2017-11473 | Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table. | Ubuntu_linux, Linux_kernel | 7.8 | ||
| 2017-08-09 | CVE-2017-12762 | In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree. | Ubuntu_linux, Linux_kernel | 9.8 | ||
| 2017-09-15 | CVE-2017-14497 | The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system calls. | Debian_linux, Linux_kernel | 7.8 | ||
| 2017-10-28 | CVE-2017-15951 | The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls. | Linux_kernel | 7.8 | ||
| 2017-11-04 | CVE-2017-16526 | drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device. | Ubuntu_linux, Debian_linux, Linux_kernel | 7.8 | ||
| 2017-11-15 | CVE-2017-15115 | The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls. | Ubuntu_linux, Debian_linux, Linux_kernel, Linux_enterprise_server | 7.8 | ||
| 2017-11-24 | CVE-2017-16939 | The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages. | Debian_linux, Linux_kernel | 7.8 |