Vulnerabilities > Linux > Linux Kernel > 3.18.34
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-16 | CVE-2016-7916 | Race Condition vulnerability in Linux Kernel Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete. | 4.7 |
| 2016-11-16 | CVE-2016-7915 | Out-of-bounds Read vulnerability in Linux Kernel The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver. | 4.3 |
| 2016-11-16 | CVE-2016-7914 | NULL Pointer Dereference vulnerability in Linux Kernel The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite. | 7.1 |
| 2016-11-16 | CVE-2016-7913 | Use After Free vulnerability in multiple products The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure. | 7.8 |
| 2016-11-16 | CVE-2016-7912 | Use After Free vulnerability in Linux Kernel Use-after-free vulnerability in the ffs_user_copy_worker function in drivers/usb/gadget/function/f_fs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data structure after a certain callback call. | 7.8 |
| 2016-11-16 | CVE-2016-7911 | Use After Free vulnerability in Linux Kernel Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call. | 7.8 |
| 2016-11-16 | CVE-2016-7910 | Use After Free vulnerability in Linux Kernel Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed. | 7.8 |
| 2016-11-16 | CVE-2015-8964 | Information Exposure vulnerability in Linux Kernel The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure. | 7.1 |
| 2016-11-16 | CVE-2015-8963 | Use After Free vulnerability in Linux Kernel Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation. | 7.0 |
| 2016-11-16 | CVE-2015-8962 | Double Free vulnerability in Linux Kernel Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call. | 7.3 |