Vulnerabilities > Linux > Linux Kernel > 2.6.33.7

DATE CVE VULNERABILITY TITLE RISK
2017-03-30 CVE-2017-7346 Improper Input Validation vulnerability in Linux Kernel
The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device.
local
low complexity
linux CWE-20
4.9
2017-03-29 CVE-2017-7308 Incorrect Conversion between Numeric Types vulnerability in Linux Kernel
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
local
low complexity
linux CWE-681
7.8
2017-03-28 CVE-2017-7277 Out-of-bounds Read vulnerability in Linux Kernel
The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds read) via crafted system calls, related to net/core/skbuff.c and net/socket.c.
local
low complexity
linux CWE-125
6.6
2017-03-24 CVE-2017-7261 Improper Input Validation vulnerability in Linux Kernel
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.
local
low complexity
linux CWE-20
4.9
2017-03-20 CVE-2017-7187 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.
local
low complexity
linux CWE-119
7.8
2017-03-19 CVE-2017-7184 Unspecified vulnerability in Linux Kernel
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.
local
low complexity
linux
7.8
2017-03-16 CVE-2017-6951 NULL Pointer Dereference vulnerability in Linux Kernel
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
local
low complexity
linux CWE-476
4.9
2017-03-08 CVE-2017-0523 Privilege Escalation vulnerability in Linux Kernel
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
linux google
7.6
2017-03-07 CVE-2017-2636 Double Free vulnerability in multiple products
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
local
high complexity
linux debian CWE-415
7.0
2017-03-03 CVE-2015-2877 Information Exposure vulnerability in multiple products
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack.
local
low complexity
linux redhat CWE-200
3.3