Max CVSS | 7.8 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-6001 | 7.6 |
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: thi
|
09-02-2024 - 19:11 | 18-02-2017 - 21:59 | |
CVE-2017-7533 | 6.9 |
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_han
|
21-06-2023 - 15:57 | 05-08-2017 - 16:29 | |
CVE-2016-10088 | 6.9 |
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of ser
|
07-06-2023 - 12:44 | 30-12-2016 - 18:59 | |
CVE-2017-9074 | 7.2 |
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly
|
24-02-2023 - 18:40 | 19-05-2017 - 07:29 | |
CVE-2017-9076 | 7.2 |
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related i
|
24-02-2023 - 18:39 | 19-05-2017 - 07:29 | |
CVE-2017-9075 | 7.2 |
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related is
|
24-02-2023 - 18:39 | 19-05-2017 - 07:29 | |
CVE-2017-9077 | 7.2 |
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related is
|
24-02-2023 - 18:38 | 19-05-2017 - 14:29 | |
CVE-2017-8890 | 7.2 |
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.
|
24-02-2023 - 18:32 | 10-05-2017 - 16:29 | |
CVE-2017-7889 | 7.2 |
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access re
|
14-02-2023 - 21:12 | 17-04-2017 - 00:59 | |
CVE-2017-2671 | 4.9 |
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (pani
|
12-02-2023 - 23:29 | 05-04-2017 - 06:59 | |
CVE-2016-9576 | 7.2 |
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-af
|
12-02-2023 - 23:27 | 28-12-2016 - 07:59 | |
CVE-2016-8645 | 4.9 |
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_
|
12-02-2023 - 23:26 | 28-11-2016 - 03:59 | |
CVE-2016-7097 | 3.6 |
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permission
|
12-02-2023 - 23:25 | 16-10-2016 - 21:59 | |
CVE-2017-7187 | 7.2 |
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl
|
10-02-2023 - 00:53 | 20-03-2017 - 14:59 | |
CVE-2017-8797 | 7.8 |
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering
|
03-02-2023 - 02:02 | 02-07-2017 - 17:29 | |
CVE-2016-9806 | 7.2 |
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes send
|
17-01-2023 - 21:05 | 28-12-2016 - 07:59 | |
CVE-2015-8839 | 1.9 |
Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized h
|
02-10-2020 - 14:56 | 02-05-2016 - 10:59 | |
CVE-2016-9604 | 2.1 |
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass mod
|
09-10-2019 - 23:20 | 11-07-2018 - 13:29 | |
CVE-2017-5970 | 5.0 |
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invali
|
03-10-2019 - 00:03 | 14-02-2017 - 06:59 | |
CVE-2017-6951 | 4.9 |
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
|
05-01-2018 - 02:31 | 16-03-2017 - 18:59 | |
CVE-2016-9685 | 4.9 |
Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.
|
05-01-2018 - 02:31 | 28-12-2016 - 07:59 | |
CVE-2016-7042 | 4.9 |
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a deni
|
05-01-2018 - 02:31 | 16-10-2016 - 21:59 |