Vulnerabilities > Linux > Linux Kernel > 4.0.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-11-16 | CVE-2015-7312 | Use After Free vulnerability in multiple products Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c. | 4.4 |
2015-10-19 | CVE-2015-7799 | Local Denial of Service vulnerability in Google Android 'PPP Character Device Driver' The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call. | 4.9 |
2015-10-19 | CVE-2015-6937 | Null Pointer Deference Denial of Service vulnerability in Linux Kernel The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. | 4.9 |
2015-10-19 | CVE-2015-6252 | Resource Management Errors vulnerability in Linux Kernel The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation. | 2.1 |
2015-10-19 | CVE-2015-5707 | Integer Overflow or Wraparound vulnerability in Linux Kernel Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | 4.6 |
2015-10-16 | CVE-2013-7445 | Resource Management Errors vulnerability in Linux Kernel The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox. | 7.8 |
2015-08-31 | CVE-2015-5697 | Information Exposure vulnerability in Linux Kernel The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call. | 2.1 |
2015-08-31 | CVE-2015-3291 | Code vulnerability in Linux Kernel arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI. | 2.1 |
2015-08-31 | CVE-2015-1333 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys. | 4.9 |
2015-07-27 | CVE-2015-4692 | Denial of Service vulnerability in Linux Kernel KVM 'kvm_apic_has_events()' Function The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call. | 4.9 |