Vulnerabilities > Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-28 | CVE-2015-8970 | NULL Pointer Dereference vulnerability in Linux Kernel crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c. | 5.5 |
| 2016-11-16 | CVE-2016-7917 | Out-of-bounds Read vulnerability in Linux Kernel The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability. | 5.0 |
| 2016-11-16 | CVE-2016-7916 | Race Condition vulnerability in Linux Kernel Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete. | 5.5 |
| 2016-11-16 | CVE-2016-7915 | Out-of-bounds Read vulnerability in Linux Kernel The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver. | 5.5 |
| 2016-11-16 | CVE-2016-7914 | NULL Pointer Dereference vulnerability in Linux Kernel The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite. | 5.5 |
| 2016-11-16 | CVE-2015-8964 | Information Exposure vulnerability in Linux Kernel The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure. | 5.5 |
| 2016-10-16 | CVE-2016-8660 | Data Processing Errors vulnerability in Linux Kernel The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a "page lock order bug in the XFS seek hole/data implementation." | 5.5 |
| 2016-10-16 | CVE-2016-8658 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket. | 6.1 |
| 2016-10-16 | CVE-2016-7097 | Improper Authorization vulnerability in Linux Kernel The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. | 4.4 |
| 2016-10-16 | CVE-2016-7042 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file. | 6.2 |