Vulnerabilities > Linux > Linux Kernel > 4.1.36

DATE CVE VULNERABILITY TITLE RISK
2016-02-08 CVE-2015-7566 Local Denial of Service vulnerability in RETIRED: Linux Kernel
The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.
local
low complexity
novell linux
4.9
2016-02-08 CVE-2015-7550 Null Pointer Deference Local Denial of Service vulnerability in Linux Kernel
The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.
local
low complexity
linux
4.9
2016-02-08 CVE-2015-7513 Divide By Zero vulnerability in multiple products
arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions.
local
low complexity
linux debian fedoraproject canonical CWE-369
4.9
2016-02-08 CVE-2013-4312 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.
local
low complexity
oracle linux CWE-119
6.2
2015-12-28 CVE-2015-8569 Information Exposure vulnerability in Linux Kernel
The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
local
low complexity
linux CWE-200
2.3
2015-12-28 CVE-2015-8374 Information Exposure vulnerability in Linux Kernel
fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.
local
low complexity
linux CWE-200
2.1
2015-12-28 CVE-2015-7990 Race Condition vulnerability in Linux Kernel
Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.
local
linux CWE-362
5.9
2015-12-28 CVE-2015-7885 Information Exposure vulnerability in Linux Kernel
The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.
local
low complexity
linux CWE-200
2.1
2015-12-28 CVE-2015-7884 Information Exposure vulnerability in Linux Kernel
The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.
local
linux CWE-200
1.9
2015-12-28 CVE-2013-7446 Unspecified vulnerability in Linux Kernel
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.
local
high complexity
linux
5.3