Vulnerabilities > Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-31 | CVE-2015-6526 | Resource Management Errors vulnerability in Linux Kernel The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace. | 4.9 |
| 2015-08-31 | CVE-2015-5706 | Use After Free vulnerability in multiple products Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation. | 4.6 |
| 2015-08-31 | CVE-2015-5366 | Resource Management Errors vulnerability in Linux Kernel The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364. | 5.0 |
| 2015-08-31 | CVE-2015-4700 | Code vulnerability in Linux Kernel The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler. | 4.9 |
| 2015-08-31 | CVE-2015-1333 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys. | 4.9 |
| 2015-08-31 | CVE-2014-9730 | Local Denial of Service vulnerability in Linux Kernel UDF File System The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | 4.9 |
| 2015-08-31 | CVE-2014-9729 | Local Denial of Service vulnerability in Linux Kernel UDF File System The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | 4.9 |
| 2015-08-31 | CVE-2014-9728 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c. | 4.9 |
| 2015-08-16 | CVE-2015-4491 | Numeric Errors vulnerability in multiple products Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling. | 6.8 |
| 2015-08-06 | CVE-2015-3636 | Local Privilege Escalation vulnerability in Linux Kernel The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect. | 4.9 |