| Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-0239 | 4.4 |
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering u
|
13-02-2023 - 00:45 | 02-03-2015 - 11:59 | |
| CVE-2014-8160 | 5.0 |
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass in
|
13-02-2023 - 00:43 | 02-03-2015 - 11:59 | |
| CVE-2014-7822 | 7.2 |
The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unsp
|
13-02-2023 - 00:42 | 16-03-2015 - 10:59 | |
| CVE-2015-1421 | 10.0 |
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by tri
|
03-11-2022 - 20:23 | 16-03-2015 - 10:59 | |
| CVE-2014-8559 | 4.9 |
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
|
13-08-2020 - 17:42 | 10-11-2014 - 11:55 | |
| CVE-2014-9585 | 2.1 |
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the
|
21-05-2020 - 20:35 | 09-01-2015 - 21:59 | |
| CVE-2014-9644 | 2.1 |
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes)
|
21-05-2020 - 13:11 | 02-03-2015 - 11:59 | |
| CVE-2013-7421 | 2.1 |
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.
|
19-05-2020 - 14:32 | 02-03-2015 - 11:59 | |
| CVE-2015-1593 | 5.0 |
The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predictin
|
05-01-2018 - 02:30 | 16-03-2015 - 10:59 | |
| CVE-2015-1420 | 1.9 |
Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of
|
28-12-2016 - 02:59 | 16-03-2015 - 10:59 | |
| CVE-2014-9683 | 3.6 |
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain pri
|
24-12-2016 - 02:59 | 03-03-2015 - 11:59 |