Vulnerabilities > Linux > Linux Kernel > 3.18.26
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-07-03 | CVE-2016-3955 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet. | 9.8 |
2016-06-29 | CVE-2016-1237 | Improper Access Control vulnerability in Linux Kernel nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c. | 4.9 |
2016-06-27 | CVE-2016-5829 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call. | 7.8 |
2016-06-27 | CVE-2016-5828 | Improper Input Validation vulnerability in multiple products The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call. | 7.8 |
2016-06-27 | CVE-2016-5728 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by changing a certain header, aka a "double fetch" vulnerability. | 5.4 |
2016-06-27 | CVE-2016-5244 | Information Exposure vulnerability in multiple products The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message. | 5.0 |
2016-06-27 | CVE-2016-5243 | Information Exposure vulnerability in Linux Kernel The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message. | 2.1 |
2016-06-27 | CVE-2016-4470 | The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command. | 5.5 |
2016-06-27 | CVE-2016-3713 | Improper Access Control vulnerability in Linux Kernel The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call. | 5.6 |
2016-06-27 | CVE-2016-1583 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. | 7.8 |