Vulnerabilities > Linux > Linux Kernel > 3.16.41
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-11 | CVE-2017-11176 | Use After Free vulnerability in multiple products The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. | 7.8 |
| 2017-06-28 | CVE-2017-9985 | Out-of-bounds Read vulnerability in multiple products The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability. | 7.8 |
| 2017-06-28 | CVE-2017-9984 | Out-of-bounds Read vulnerability in Linux Kernel The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability. | 7.8 |
| 2017-06-19 | CVE-2017-1000379 | Unspecified vulnerability in Linux Kernel The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. | 7.8 |
| 2017-06-19 | CVE-2017-1000365 | Unspecified vulnerability in Linux Kernel The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. | 7.8 |
| 2017-05-19 | CVE-2017-9077 | Unspecified vulnerability in Linux Kernel The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. | 7.8 |
| 2017-05-19 | CVE-2017-9076 | The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. | 7.8 |
| 2017-05-19 | CVE-2017-9075 | The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. | 7.8 |
| 2017-05-19 | CVE-2017-9074 | Out-of-bounds Read vulnerability in Linux Kernel The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls. | 7.8 |
| 2017-05-15 | CVE-2017-7495 | Information Exposure vulnerability in Linux Kernel fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new file, making write system calls, and reading this file. | 5.5 |