Vulnerabilities > Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-04 | CVE-2016-10318 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service. | 6.5 |
| 2017-03-30 | CVE-2017-7346 | Improper Input Validation vulnerability in Linux Kernel The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device. | 5.5 |
| 2017-03-27 | CVE-2017-7273 | Unspecified vulnerability in Linux Kernel The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report. low complexity linux | 6.6 |
| 2017-03-24 | CVE-2017-7261 | Improper Input Validation vulnerability in Linux Kernel The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device. | 5.5 |
| 2017-03-16 | CVE-2017-6951 | NULL Pointer Dereference vulnerability in Linux Kernel The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type. | 5.5 |
| 2017-03-08 | CVE-2017-0537 | Information Exposure vulnerability in Linux Kernel 3.18 An information disclosure vulnerability in the kernel USB gadget driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-03-08 | CVE-2017-0536 | Information Exposure vulnerability in Linux Kernel 3.10/3.18 An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-03-08 | CVE-2017-0535 | Information Exposure vulnerability in Linux Kernel 3.10 An information disclosure vulnerability in the HTC sound codec driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-03-08 | CVE-2017-0534 | Information Exposure vulnerability in Linux Kernel 3.18 An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-03-08 | CVE-2017-0533 | Information Exposure vulnerability in Linux Kernel 3.18 An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. | 4.7 |