Vulnerabilities > Linux > Linux Kernel > 3.10.84
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-31 | CVE-2014-9730 | Local Denial of Service vulnerability in Linux Kernel UDF File System The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | 4.9 |
| 2015-08-31 | CVE-2014-9729 | Local Denial of Service vulnerability in Linux Kernel UDF File System The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | 4.9 |
| 2015-08-31 | CVE-2014-9728 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c. | 4.9 |
| 2015-08-08 | CVE-2015-1805 | Code vulnerability in multiple products The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun." | 7.2 |
| 2015-08-06 | CVE-2015-3636 | Local Privilege Escalation vulnerability in Linux Kernel The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect. | 4.9 |
| 2015-08-05 | CVE-2015-4167 | Numeric Errors vulnerability in multiple products The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem. | 4.7 |
| 2015-07-27 | CVE-2015-4692 | Denial of Service vulnerability in Linux Kernel KVM 'kvm_apic_has_events()' Function The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call. | 4.9 |
| 2015-06-07 | CVE-2015-4001 | Numeric Errors vulnerability in Linux Kernel Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted packet. | 9.0 |
| 2015-05-27 | CVE-2015-3332 | Resource Management Errors vulnerability in multiple products A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds. | 4.9 |
| 2015-03-16 | CVE-2015-1420 | Race Condition vulnerability in multiple products Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function. | 1.9 |