Vulnerabilities > Linux > Linux Kernel > 4.9.60

DATE CVE VULNERABILITY TITLE RISK
2017-09-26 CVE-2017-12154 Unspecified vulnerability in Linux Kernel
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.
local
low complexity
linux
7.1
2017-09-26 CVE-2017-1000252 Reachable Assertion vulnerability in Linux Kernel
The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.
local
low complexity
linux CWE-617
2.1
2017-09-21 CVE-2017-12153 NULL Pointer Dereference vulnerability in Linux Kernel
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3.
local
low complexity
linux debian canonical CWE-476
4.9
2017-09-15 CVE-2017-14340 NULL Pointer Dereference vulnerability in Linux Kernel
The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory.
local
low complexity
linux CWE-476
4.9
2017-09-15 CVE-2017-14489 Improper Input Validation vulnerability in Linux Kernel
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
local
low complexity
linux CWE-20
4.9
2017-09-05 CVE-2017-14156 Information Exposure vulnerability in Linux Kernel
The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes.
local
low complexity
linux CWE-200
2.1
2017-09-05 CVE-2017-14140 Information Exposure vulnerability in Linux Kernel
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.
local
low complexity
linux CWE-200
2.1
2017-09-01 CVE-2017-14106 Divide By Zero vulnerability in Linux Kernel
The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.
local
low complexity
linux CWE-369
5.5
2017-08-31 CVE-2017-14051 Integer Overflow or Wraparound vulnerability in Linux Kernel
An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.
local
low complexity
linux CWE-190
4.9
2017-08-25 CVE-2017-13695 Information Exposure vulnerability in Linux Kernel
The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
local
low complexity
linux CWE-200
2.1