Vulnerabilities > Linux > Linux Kernel > 2.1.47

DATE CVE VULNERABILITY TITLE RISK
2017-03-20 CVE-2017-7187 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.
local
low complexity
linux CWE-119
7.8
2017-03-19 CVE-2017-7184 Unspecified vulnerability in Linux Kernel
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.
local
low complexity
linux
7.8
2017-03-16 CVE-2017-6951 NULL Pointer Dereference vulnerability in Linux Kernel
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
local
low complexity
linux CWE-476
4.9
2017-03-08 CVE-2017-0523 Privilege Escalation vulnerability in Linux Kernel
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
linux google
7.6
2017-03-01 CVE-2017-6353 Double Free vulnerability in Linux Kernel
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application.
local
low complexity
linux CWE-415
4.9
2017-03-01 CVE-2017-6348 Local Denial of Service vulnerability in Linux Kernel
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
local
low complexity
linux
4.9
2017-03-01 CVE-2017-6345 Improper Input Validation vulnerability in Linux Kernel
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
local
low complexity
linux CWE-20
4.6
2017-02-24 CVE-2017-5669 Improper Input Validation vulnerability in Linux Kernel
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.
local
low complexity
linux CWE-20
4.6
2017-02-23 CVE-2017-6214 Infinite Loop vulnerability in Linux Kernel
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
network
low complexity
linux CWE-835
5.0
2017-02-18 CVE-2017-6074 Double Free vulnerability in multiple products
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
local
low complexity
linux debian CWE-415
7.8