Vulnerabilities > Linux > Linux Kernel > 2.6.31.13

DATE CVE VULNERABILITY TITLE RISK
2015-08-31 CVE-2014-9729 Local Denial of Service vulnerability in Linux Kernel UDF File System
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.
local
low complexity
linux
4.9
2015-08-31 CVE-2014-9728 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.
local
low complexity
linux CWE-119
4.9
2015-08-08 CVE-2015-1805 Code vulnerability in multiple products
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."
local
low complexity
google linux CWE-17
7.2
2015-08-06 CVE-2015-3636 Local Privilege Escalation vulnerability in Linux Kernel
The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect.
local
low complexity
linux debian redhat canonical
4.9
2015-08-05 CVE-2015-4167 Numeric Errors vulnerability in multiple products
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.
4.7
2015-07-27 CVE-2015-4692 Denial of Service vulnerability in Linux Kernel KVM 'kvm_apic_has_events()' Function
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.
local
low complexity
linux
4.9
2015-06-07 CVE-2015-4001 Numeric Errors vulnerability in Linux Kernel
Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted packet.
network
low complexity
linux CWE-189
critical
9.0
2015-05-27 CVE-2015-3332 Resource Management Errors vulnerability in multiple products
A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.
local
low complexity
debian linux CWE-399
4.9
2015-03-16 CVE-2015-1420 Race Condition vulnerability in multiple products
Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.
1.9
2014-12-17 CVE-2014-9322 Improper Privilege Management vulnerability in multiple products
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.
7.8