Vulnerabilities > Linux > Linux Kernel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-05 | CVE-2017-0329 | Unspecified vulnerability in Linux Kernel 3.18 An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot and power management processor. | 7.0 |
| 2017-04-05 | CVE-2017-0328 | Information Exposure vulnerability in Linux Kernel 3.10 An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-04-05 | CVE-2017-0327 | Classic Buffer Overflow vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-04-05 | CVE-2017-0325 | Out-of-bounds Write vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-04-05 | CVE-2017-2671 | Unspecified vulnerability in Linux Kernel The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call. | 5.5 |
| 2017-04-04 | CVE-2016-5870 | NULL Pointer Dereference vulnerability in Linux Kernel The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact by triggering failure of an accept system call for an AF_MSM_IPC socket. | 7.8 |
| 2017-04-04 | CVE-2016-10318 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service. | 6.5 |
| 2017-04-04 | CVE-2016-10229 | Improperly Implemented Security Check for Standard vulnerability in multiple products udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. | 9.8 |
| 2017-04-04 | CVE-2014-9922 | Permissions, Privileges, and Access Controls vulnerability in multiple products The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | 7.8 |
| 2017-03-31 | CVE-2017-7374 | Use After Free vulnerability in Linux Kernel Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely. | 7.8 |