Vulnerabilities > Linux > Linux Kernel > 3.18.48

DATE CVE VULNERABILITY TITLE RISK
2015-10-19 CVE-2015-6937 Null Pointer Deference Denial of Service vulnerability in Linux Kernel
The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.
local
low complexity
linux canonical debian
4.9
2015-10-19 CVE-2015-6252 Resource Management Errors vulnerability in Linux Kernel
The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.
local
low complexity
linux CWE-399
2.1
2015-10-19 CVE-2015-5707 Integer Overflow or Wraparound vulnerability in Linux Kernel
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.
local
low complexity
linux canonical debian suse CWE-190
4.6
2015-10-19 CVE-2015-0275 Code vulnerability in Linux Kernel
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.
local
low complexity
linux oracle CWE-17
4.9
2015-10-16 CVE-2013-7445 Resource Management Errors vulnerability in Linux Kernel
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
network
low complexity
linux CWE-399
7.8
2015-08-31 CVE-2015-6526 Resource Management Errors vulnerability in Linux Kernel
The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace.
local
low complexity
linux CWE-399
4.9
2015-08-31 CVE-2015-5706 Use After Free vulnerability in multiple products
Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation.
local
low complexity
linux canonical debian CWE-416
4.6
2015-08-31 CVE-2015-5697 Information Exposure vulnerability in Linux Kernel
The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
local
low complexity
linux CWE-200
2.1
2015-08-31 CVE-2015-5366 Resource Management Errors vulnerability in Linux Kernel
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364.
network
low complexity
linux redhat CWE-399
5.0
2015-08-31 CVE-2015-4700 Code vulnerability in Linux Kernel
The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler.
local
low complexity
linux CWE-17
4.9