Vulnerabilities > Linux > Linux Kernel > 4.9.167

DATE CVE VULNERABILITY TITLE RISK
2016-05-02 CVE-2016-2854 Improper Privilege Management vulnerability in Linux Kernel
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
local
low complexity
linux CWE-269
7.8
2016-05-02 CVE-2016-2853 Improper Privilege Management vulnerability in Linux Kernel
The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.
local
low complexity
linux CWE-269
7.8
2014-06-07 CVE-2014-3153 The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.
local
low complexity
linux redhat suse opensuse canonical oracle
7.8