Vulnerabilities > Linux > Linux Kernel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-12 | CVE-2016-6760 | Improper Access Control vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 7.8 |
| 2017-01-12 | CVE-2016-6759 | Improper Access Control vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 7.8 |
| 2017-01-12 | CVE-2016-6758 | Improper Access Control vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 7.8 |
| 2017-01-12 | CVE-2016-6755 | Improper Access Control vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-01-05 | CVE-2016-9754 | Integer Overflow or Wraparound vulnerability in Linux Kernel The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file. | 7.8 |
| 2016-12-30 | CVE-2016-10088 | Use After Free vulnerability in Linux Kernel The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. | 7.0 |
| 2016-12-28 | CVE-2016-9806 | Double Free vulnerability in Linux Kernel Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated. | 7.8 |
| 2016-12-28 | CVE-2016-9794 | Use After Free vulnerability in Linux Kernel Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command. | 7.8 |
| 2016-12-28 | CVE-2016-9793 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option. | 7.8 |
| 2016-12-28 | CVE-2016-9777 | Out-of-bounds Read vulnerability in Linux Kernel KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h. | 7.8 |