Vulnerabilities > Linux > Linux Kernel > High

DATE CVE VULNERABILITY TITLE RISK
2017-02-14 CVE-2017-5972 Resource Exhaustion vulnerability in Linux Kernel
The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many TCP SYN packets, as demonstrated by an attack against the kernel-3.10.0 package in CentOS Linux 7.
network
low complexity
linux CWE-400
7.5
7.5
2017-02-14 CVE-2017-5970 NULL Pointer Dereference vulnerability in Linux Kernel
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
network
low complexity
linux CWE-476
7.5
7.5
2017-02-08 CVE-2017-0449 An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
google linux
7.0
7.0
2017-02-08 CVE-2017-0447 An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
google linux
7.0
7.0
2017-02-08 CVE-2017-0446 An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
google linux
7.0
7.0
2017-02-08 CVE-2017-0445 An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
google linux
7.0
7.0
2017-02-08 CVE-2017-0444 An elevation of privilege vulnerability in the Realtek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
google linux
7.0
7.0
2017-02-08 CVE-2017-0443 An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
linux google
7.0
7.0
2017-02-08 CVE-2017-0442 Classic Buffer Overflow vulnerability in multiple products
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
google linux CWE-120
7.0
7.0
2017-02-08 CVE-2017-0441 Classic Buffer Overflow vulnerability in multiple products
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
google linux CWE-120
7.0
7.0