Vulnerabilities > Linux > Linux Kernel > High

DATE CVE VULNERABILITY TITLE RISK
2017-01-12 CVE-2016-8391 Improper Access Control vulnerability in Linux Kernel 3.10/3.18
An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
linux CWE-284
7.6
2017-01-12 CVE-2016-6791 Improper Access Control vulnerability in Linux Kernel 3.10/3.18
An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
linux CWE-284
7.6
2017-01-12 CVE-2016-6780 Improper Access Control vulnerability in Linux Kernel 3.10
An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
linux CWE-284
7.6
2017-01-12 CVE-2016-6779 Improper Access Control vulnerability in Linux Kernel 3.10
An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
linux CWE-284
7.6
2017-01-12 CVE-2016-6778 Improper Access Control vulnerability in Linux Kernel 3.10
An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
linux CWE-284
7.6
2017-01-12 CVE-2016-6755 Improper Access Control vulnerability in Linux Kernel 3.10/3.18
An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
linux CWE-284
7.6
2017-01-05 CVE-2016-9754 Integer Overflow or Wraparound vulnerability in Linux Kernel
The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.
local
low complexity
linux CWE-190
7.8
2016-12-30 CVE-2016-10088 Use After Free vulnerability in Linux Kernel
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c.
local
high complexity
linux CWE-416
7.0
2016-12-28 CVE-2016-9806 Double Free vulnerability in Linux Kernel
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.
local
low complexity
linux CWE-415
7.8
2016-12-28 CVE-2016-9794 Use After Free vulnerability in Linux Kernel
Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.
local
low complexity
linux CWE-416
7.8