Vulnerabilities > Linux > Linux Kernel > 2.6.15.5

DATE CVE VULNERABILITY TITLE RISK
2016-10-16 CVE-2016-7097 Improper Authorization vulnerability in Linux Kernel
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.
local
low complexity
linux CWE-285
4.4
2016-10-16 CVE-2016-7042 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
local
low complexity
linux CWE-119
4.9
2016-10-16 CVE-2016-6828 Use After Free vulnerability in Linux Kernel
The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.
local
low complexity
linux CWE-416
5.5
2016-10-16 CVE-2016-6327 NULL Pointer Dereference vulnerability in Linux Kernel
drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation.
local
low complexity
linux CWE-476
5.5
2016-10-16 CVE-2015-8953 Resource Management Errors vulnerability in Linux Kernel
fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service (dentry reference leak) via filesystem operations on a large file in a lower overlayfs layer.
local
low complexity
linux CWE-399
4.9
2016-10-16 CVE-2015-8952 Data Processing Errors vulnerability in Linux Kernel
The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as demonstrated by Ceph and Samba.
local
low complexity
linux CWE-19
2.1
2016-10-16 CVE-2015-3288 Improper Input Validation vulnerability in Linux Kernel
mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.
local
low complexity
linux CWE-20
7.8
2016-10-10 CVE-2015-8956 NULL Pointer Dereference vulnerability in Linux Kernel
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.
local
low complexity
linux google CWE-476
3.6
2016-10-10 CVE-2015-8950 Information Exposure vulnerability in Linux Kernel
arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.
network
linux CWE-200
4.3
2016-08-06 CVE-2016-6516 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability.
local
linux CWE-119
4.4