Vulnerabilities > Linux > Linux Kernel > 3.10.59
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-08-07 | CVE-2014-9410 | Improper Input Validation vulnerability in Linux Kernel The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate a certain id value, which allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that makes a crafted ioctl call. | 7.2 |
2016-08-06 | CVE-2016-6516 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability. | 4.4 |
2016-08-06 | CVE-2016-6480 | Race Condition vulnerability in Linux Kernel Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability. | 4.7 |
2016-08-06 | CVE-2016-6198 | Improper Access Control vulnerability in Linux Kernel The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related to fs/namei.c and fs/open.c. | 4.9 |
2016-08-06 | CVE-2016-6197 | Improper Input Validation vulnerability in multiple products fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink. | 4.9 |
2016-08-06 | CVE-2016-6156 | Race Condition vulnerability in Linux Kernel Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access) by changing a certain size value, aka a "double fetch" vulnerability. | 1.9 |
2016-08-06 | CVE-2016-6136 | Race Condition vulnerability in Linux Kernel Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability. | 1.9 |
2016-08-06 | CVE-2016-5696 | Information Exposure vulnerability in multiple products net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack. | 5.8 |
2016-08-06 | CVE-2016-5412 | Resource Management Errors vulnerability in Linux Kernel arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction. | 6.5 |
2016-08-06 | CVE-2016-5400 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations. | 4.9 |