Vulnerabilities > Linux > Linux Kernel > 3.16.4

DATE CVE VULNERABILITY TITLE RISK
2014-10-13 CVE-2014-7975 The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call.
local
low complexity
linux canonical
4.9
4.9
2014-10-13 CVE-2014-7970 Resource Exhaustion vulnerability in multiple products
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via .
local
low complexity
novell linux canonical CWE-400
4.9
4.9
2014-06-07 CVE-2014-3153 The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
local
low complexity
linux redhat suse opensuse canonical oracle
7.8
7.8