Vulnerabilities > Linux > Linux Kernel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-10 | CVE-2017-7616 | 7PK - Errors vulnerability in Linux Kernel Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation. | 5.5 |
| 2017-04-07 | CVE-2017-0586 | Information Exposure vulnerability in Linux Kernel 3.10/3.18 An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-04-07 | CVE-2017-0585 | Information Exposure vulnerability in Linux Kernel 3.10/3.18 An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-04-07 | CVE-2017-0584 | Information Exposure vulnerability in Linux Kernel 3.10/3.18 An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-04-05 | CVE-2017-0330 | Information Exposure vulnerability in Linux Kernel 3.10 An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-04-05 | CVE-2017-0328 | Information Exposure vulnerability in Linux Kernel 3.10 An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-04-05 | CVE-2017-2671 | Unspecified vulnerability in Linux Kernel The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call. | 5.5 |
| 2017-04-04 | CVE-2016-10318 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service. | 6.5 |
| 2017-03-30 | CVE-2017-7346 | Improper Input Validation vulnerability in Linux Kernel The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device. | 5.5 |
| 2017-03-27 | CVE-2017-7273 | Unspecified vulnerability in Linux Kernel The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report. low complexity linux | 6.6 |