Vulnerabilities > Linux > Linux Kernel > 4.4.111

DATE CVE VULNERABILITY TITLE RISK
2016-05-09 CVE-2015-0571 Missing Authorization vulnerability in Linux Kernel
The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c.
network
linux CWE-862
critical
9.3
2016-05-09 CVE-2015-0570 Out-of-bounds Write vulnerability in Linux Kernel
Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element.
network
linux CWE-787
critical
9.3
2016-05-09 CVE-2015-0569 Out-of-bounds Write vulnerability in Linux Kernel
Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that establishes a packet filter.
network
linux CWE-787
critical
9.3
2016-05-02 CVE-2016-3689 The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.
low complexity
novell linux canonical
4.6
2016-05-02 CVE-2016-3140 The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
low complexity
canonical linux novell
4.6
2016-05-02 CVE-2016-3138 The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.
low complexity
linux canonical novell
4.6
2016-05-02 CVE-2016-3137 drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.
low complexity
novell canonical linux
4.6
2016-05-02 CVE-2016-3136 The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors.
low complexity
linux novell canonical
4.6
2016-05-02 CVE-2016-2854 Improper Privilege Management vulnerability in Linux Kernel
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
local
low complexity
linux CWE-269
4.6
2016-05-02 CVE-2016-2853 Improper Privilege Management vulnerability in Linux Kernel
The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.
local
linux CWE-269
4.4