Vulnerabilities > Linux > Linux Kernel > 4.1.50
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-04-27 | CVE-2016-2545 | Race Condition vulnerability in Linux Kernel The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call. | 4.7 |
| 2016-04-27 | CVE-2016-2544 | Race Condition vulnerability in Linux Kernel Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time. | 4.7 |
| 2016-04-27 | CVE-2016-2543 | Null Pointer Deference Local Denial of Service vulnerability in Linux Kernel The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call. | 4.9 |
| 2016-04-27 | CVE-2016-2384 | Local Denial of Service vulnerability in Linux Kernel Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor. | 4.9 |
| 2016-04-27 | CVE-2016-2383 | The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions. | 2.1 |
| 2016-04-27 | CVE-2016-2184 | The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor. | 4.6 |
| 2016-04-27 | CVE-2016-2085 | Data Processing Errors vulnerability in Linux Kernel The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack. | 2.1 |
| 2016-04-27 | CVE-2016-2069 | Race Condition vulnerability in multiple products Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU. | 4.4 |
| 2016-04-27 | CVE-2015-8845 | Improper Access Control vulnerability in Linux Kernel The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. | 4.9 |
| 2016-04-27 | CVE-2015-8844 | Improper Input Validation vulnerability in Linux Kernel The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. | 4.7 |