Vulnerabilities > Linux > Linux Kernel > 2.6.14.4

DATE CVE VULNERABILITY TITLE RISK
2015-08-31 CVE-2015-3291 Code vulnerability in Linux Kernel
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI.
local
low complexity
linux CWE-17
2.1
2015-08-31 CVE-2015-1333 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys.
local
low complexity
linux CWE-119
4.9
2015-08-31 CVE-2014-9731 Code vulnerability in Linux Kernel
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.
local
low complexity
linux CWE-17
2.1
2015-08-31 CVE-2014-9730 Local Denial of Service vulnerability in Linux Kernel UDF File System
The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
local
low complexity
linux
4.9
2015-08-31 CVE-2014-9729 Local Denial of Service vulnerability in Linux Kernel UDF File System
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
local
low complexity
linux
4.9
2015-08-31 CVE-2014-9728 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.
local
low complexity
linux CWE-119
4.9
2015-08-08 CVE-2015-1805 Code vulnerability in multiple products
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."
local
low complexity
google linux CWE-17
7.2
2015-08-06 CVE-2015-3636 Local Privilege Escalation vulnerability in Linux Kernel
The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect.
local
low complexity
linux debian redhat canonical
4.9
2015-08-05 CVE-2015-4167 Numeric Errors vulnerability in multiple products
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.
4.7
2015-07-27 CVE-2015-4692 Denial of Service vulnerability in Linux Kernel KVM 'kvm_apic_has_events()' Function
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.
local
low complexity
linux
4.9