Vulnerabilities > Linux > Linux Kernel > 2.6.12.4

DATE CVE VULNERABILITY TITLE RISK
2016-10-10 CVE-2015-8950 Information Exposure vulnerability in Linux Kernel
arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.
network
linux CWE-200
4.3
2016-08-06 CVE-2016-6516 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability.
local
linux CWE-119
4.4
2016-08-06 CVE-2016-6480 Race Condition vulnerability in Linux Kernel
Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability.
local
linux CWE-362
4.7
2016-08-06 CVE-2016-6198 Improper Access Control vulnerability in Linux Kernel
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related to fs/namei.c and fs/open.c.
local
low complexity
linux oracle CWE-284
4.9
2016-08-06 CVE-2016-6197 Improper Input Validation vulnerability in multiple products
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.
local
low complexity
oracle linux CWE-20
4.9
2016-08-06 CVE-2016-6156 Race Condition vulnerability in Linux Kernel
Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access) by changing a certain size value, aka a "double fetch" vulnerability.
local
linux CWE-362
1.9
2016-08-06 CVE-2016-6136 Race Condition vulnerability in Linux Kernel
Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability.
local
linux CWE-362
1.9
2016-08-06 CVE-2016-5696 Information Exposure vulnerability in multiple products
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
5.8
2016-08-06 CVE-2016-5412 Resource Management Errors vulnerability in Linux Kernel
arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.
local
low complexity
linux CWE-399
6.5
2016-08-06 CVE-2016-5400 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations.
local
low complexity
linux CWE-119
4.9