Vulnerabilities > Linux > Linux Kernel > 3.4.97

DATE CVE VULNERABILITY TITLE RISK
2016-05-23 CVE-2016-4565 Permissions, Privileges, and Access Controls vulnerability in multiple products
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.
local
low complexity
linux canonical debian CWE-264
7.8
2016-05-23 CVE-2016-4486 Information Exposure vulnerability in multiple products
The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
local
low complexity
novell canonical linux CWE-200
3.3
2016-05-23 CVE-2016-4485 Information Exposure vulnerability in multiple products
The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.
network
low complexity
novell canonical linux CWE-200
7.5
2016-05-23 CVE-2016-4482 Information Exposure vulnerability in multiple products
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.
local
low complexity
canonical linux novell fedoraproject CWE-200
6.2
2016-05-09 CVE-2015-0571 Missing Authorization vulnerability in Linux Kernel
The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c.
local
low complexity
linux CWE-862
7.8
2016-05-09 CVE-2015-0570 Out-of-bounds Write vulnerability in Linux Kernel
Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element.
local
low complexity
linux CWE-787
7.8
2016-05-09 CVE-2015-0569 Out-of-bounds Write vulnerability in Linux Kernel
Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that establishes a packet filter.
local
low complexity
linux CWE-787
7.8
2016-05-05 CVE-2016-2062 Integer Overflow or Wraparound vulnerability in multiple products
The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, uses an incorrect integer data type, which allows attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and incorrect memory allocation) or possibly have unspecified other impact via a crafted IOCTL_KGSL_PERFCOUNTER_QUERY ioctl call.
local
low complexity
linux google CWE-190
7.8
2016-05-05 CVE-2016-2059 Improper Privilege Management vulnerability in multiple products
The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a client port, which allows attackers to gain privileges or cause a denial of service (race condition and list corruption) by making many BIND_CONTROL_PORT ioctl calls.
local
high complexity
linux google CWE-269
7.0
2016-05-02 CVE-2016-3689 The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.
low complexity
novell linux canonical
4.6