Vulnerabilities > Canonical > Ubuntu Linux > High

DATE CVE VULNERABILITY TITLE RISK
2016-12-08 CVE-2016-8655 Use After Free vulnerability in multiple products
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.
local
low complexity
linux canonical CWE-416
7.8
2016-11-28 CVE-2015-1328 Permissions, Privileges, and Access Controls vulnerability in multiple products
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.
local
low complexity
canonical linux CWE-264
7.8
2016-11-16 CVE-2016-7913 Use After Free vulnerability in multiple products
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.
local
low complexity
linux canonical CWE-416
7.8
2016-11-10 CVE-2016-5195 Race Condition vulnerability in multiple products
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
7.0
2016-10-16 CVE-2016-7425 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.
local
low complexity
linux canonical CWE-119
7.8
2016-10-03 CVE-2016-7401 7PK - Security Features vulnerability in multiple products
The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.
network
low complexity
canonical djangoproject debian CWE-254
7.5
2016-10-03 CVE-2016-6352 Out-of-bounds Write vulnerability in multiple products
The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.
network
low complexity
canonical gnome opensuse CWE-787
7.5
2016-09-27 CVE-2016-7045 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string.
network
low complexity
irssi debian canonical CWE-119
7.5
2016-09-27 CVE-2016-7044 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code.
network
low complexity
irssi debian canonical CWE-119
7.5
2016-09-26 CVE-2016-7162 Improper Input Validation vulnerability in multiple products
The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.
network
low complexity
canonical file-roller-project CWE-20
7.5