ALT-PU-2016-2106-1 — kernel-image-std-def

BDU:2014-00052

MEDIUM4.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к защищаемой информации

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2014-1738

BDU:2014-00053

HIGH7.2

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к защищаемой информации

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-1737

BDU:2014-00054

MEDIUM6.2

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании, повысить свои привилегии или выполнить произвольный код

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2014-0069

BDU:2014-00055

HIGH7.4

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании, повысить свои привилегии или выполнить произвольный код

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0HIGH 7.4

CVSS:2.0/AV:A/AC:M/Au:S/C:C/I:C/A:C

References

CVE-2014-0049

BDU:2014-00060

MEDIUM4.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-3122

BDU:2014-00062

MEDIUM4.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Published: 2016-07-05Modified: 2017-06-21

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-3144

BDU:2014-00063

HIGH7.2

Уязвимость ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании

Published: 2016-07-11Modified: 2021-08-19

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2014-00064

MEDIUM4.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-3145

BDU:2014-00065

MEDIUM6.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2026-04-30

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-0038

BDU:2014-00070

LOW2.1

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к статистике ввода-вывода

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2011-2494

BDU:2014-00071

LOW1.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6537

BDU:2014-00072

LOW1.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6539

BDU:2014-00073

LOW1.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6540

BDU:2014-00074

LOW1.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6541

BDU:2014-00075

LOW1.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6542

BDU:2014-00076

LOW1.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6543

BDU:2014-00077

LOW1.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6544

BDU:2014-00078

LOW1.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6545

BDU:2014-00079

LOW1.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6546

BDU:2014-00080

LOW1.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6547

BDU:2014-00085

LOW3.2

Уязвимость операционной системы Linux, позволяющая злоумышленнику осуществить доступ к защищаемой информации или вызвать отказ в обслуживании

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 3.2

CVSS:2.0/AV:A/AC:H/Au:N/C:P/I:N/A:P

References

CVE-2013-0343

BDU:2014-00086

LOW2.1

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-2147

BDU:2014-00087

MEDIUM4.7

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать локальный отказ в обслуживании

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2889

BDU:2014-00088

MEDIUM4.7

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать локальный отказ в обслуживании

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2893

BDU:2014-00089

LOW3.3

Уязвимость операционной системы Linux, приводящая к раскрытию информации

Published: 2016-07-05Modified: 2021-08-19

CVSS 2.0LOW 3.3

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:N

References

CVE-2013-2929

BDU:2014-00090

MEDIUM4.7

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-4162

BDU:2014-00091

MEDIUM6.0

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 6.0

CVSS:2.0/AV:N/AC:M/Au:S/C:P/I:P/A:P

References

CVE-2013-4299

BDU:2014-00092

MEDIUM5.8

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 5.8

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N

References

CVE-2013-4345

BDU:2014-00093

MEDIUM4.7

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2026-04-30

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-4512

BDU:2014-00094

HIGH7.2

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2013-4587

BDU:2014-00095

MEDIUM5.7

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Published: 2016-07-05Modified: 2026-04-30

CVSS 2.0MEDIUM 5.7

CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-6367

BDU:2014-00096

MEDIUM4.7

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2026-04-30

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-6380

BDU:2014-00097

MEDIUM6.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Published: 2016-07-05Modified: 2026-04-30

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-6381

BDU:2014-00098

MEDIUM4.0

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2013-6382

BDU:2014-00099

MEDIUM6.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-6383

BDU:2014-00100

MEDIUM4.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из памяти ядра

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7265

BDU:2014-00101

MEDIUM4.7

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-7339

BDU:2014-00102

HIGH7.1

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0HIGH 7.1

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-0101

BDU:2014-00109

MEDIUM6.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Published: 2016-07-05Modified: 2026-04-22

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-0196

BDU:2014-00110

HIGH7.2

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-1737

BDU:2014-00111

MEDIUM4.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2014-1738

BDU:2014-00333

MEDIUM6.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Published: 2016-07-05Modified: 2017-06-21

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2014-00334

HIGH7.2

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2014-00335

MEDIUM6.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2014-00336

MEDIUM4.9

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Published: 2016-07-05Modified: 2016-11-28

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-01796

HIGH7.2

Уязвимости операционной системы Debian GNU/Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2024-07-05

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-03064

HIGH7.2

Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2026-04-30

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

BDU:2015-04307

CRITICAL10.0

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2026-04-30

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

BDU:2015-04308

CRITICAL10.0

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

BDU:2015-04309

CRITICAL10.0

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

BDU:2015-04310

CRITICAL10.0

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

BDU:2015-04341

MEDIUM5.6

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2026-04-30

CVSS 2.0MEDIUM 5.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:C

References

BDU:2015-04342

MEDIUM5.6

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0MEDIUM 5.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:C

References

BDU:2015-04343

MEDIUM5.6

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0MEDIUM 5.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:C

References

BDU:2015-04359

HIGH7.8

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2026-04-30

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-04391

HIGH7.2

Уязвимость операционной системы SUSE Linux Enterprise, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2013-2094

BDU:2015-04437

MEDIUM4.6

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2026-04-30

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

BDU:2015-04438

MEDIUM4.6

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

BDU:2015-04439

MEDIUM4.6

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

BDU:2015-05303

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2026-04-30

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05304

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05305

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05306

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05307

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05308

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05309

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05310

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05311

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05312

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05313

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05314

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05315

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

BDU:2015-05480

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2026-04-30

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-05481

HIGH7.8

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-05542

HIGH7.2

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2026-04-30

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-05543

HIGH7.2

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2024-09-16

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-05685

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2024-07-05

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05686

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05687

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05688

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05689

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05690

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05691

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05692

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05693

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05694

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05695

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05696

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05697

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05698

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05699

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05700

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05701

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05702

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05703

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05704

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05705

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05706

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05707

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05708

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05709

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05710

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05711

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05712

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05713

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05714

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05715

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05716

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05717

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05718

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05719

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05720

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05721

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05722

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05723

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05724

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05725

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05726

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05727

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05728

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05729

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05730

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05731

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05732

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05733

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05734

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05735

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05736

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05737

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05738

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05739

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05740

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05741

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05742

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05743

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05744

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05745

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05746

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05747

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05748

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05749

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05750

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05751

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05752

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05753

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05754

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05755

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05756

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05757

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05758

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05759

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05760

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05761

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05762

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05763

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05764

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05765

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05766

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05767

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05768

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05769

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05770

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05771

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05772

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05773

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05774

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05775

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05776

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05777

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05778

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05779

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05780

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05781

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05782

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05783

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05784

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05785

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05786

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05787

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05788

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05789

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05790

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05791

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05792

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05793

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05794

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05795

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05796

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05797

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05798

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05799

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05800

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05801

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05802

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05803

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05804

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05805

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05806

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05807

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05808

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05809

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05810

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05811

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05812

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05813

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05814

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05815

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05816

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05817

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05818

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05819

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05820

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05821

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05822

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05823

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05824

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05825

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05826

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05827

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05828

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05829

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05830

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05831

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05832

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05833

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05834

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05835

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05836

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05837

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05838

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05839

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05840

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05841

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05842

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05843

CRITICAL9.3

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2015-05900

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2024-12-27

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05901

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05902

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05903

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05904

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05905

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05906

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05907

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05908

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05909

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05910

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05911

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05912

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05913

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05914

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05915

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05916

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05917

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05918

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05919

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05920

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05921

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-05922

HIGH7.2

Уязвимость операционной системы openSUSE, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3153

BDU:2015-06239

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06241

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06243

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06245

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-01Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06246

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-01Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06247

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-01Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06248

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-01Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06249

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06250

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06251

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-01Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06255

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-01Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06258

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-01Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06260

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-01Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06263

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06264

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-01Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06265

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-01Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-06669

MEDIUM4.9

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-06670

MEDIUM4.9

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-06999

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07000

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07001

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07002

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07003

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07004

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07005

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07006

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07007

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07008

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07009

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07010

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07011

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07012

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07013

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07014

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07015

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07016

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07017

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07278

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07279

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07280

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07281

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07282

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07283

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07284

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07285

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07286

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07287

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07288

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-07289

HIGH7.2

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-06-02Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-08909

MEDIUM4.9

Уязвимость операционной системы CentOS, позволяющая злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-08910

MEDIUM4.9

Уязвимость операционной системы CentOS, позволяющая злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09204

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09205

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09206

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09207

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09208

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09209

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09210

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09211

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09212

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09213

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09214

CRITICAL10.0

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09300

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09301

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09302

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09303

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09304

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09305

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09306

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09307

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09308

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09309

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09310

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09311

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09312

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09313

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09314

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09315

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09316

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09317

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09318

HIGH7.8

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2015-09319

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09320

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09321

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09322

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09323

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09324

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09325

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09326

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09327

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09328

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09329

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09330

CRITICAL10.0

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2015-04-28Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09825

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09826

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09827

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09828

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09829

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09830

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09831

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09832

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09833

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09834

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09835

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09836

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09837

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09838

CRITICAL10.0

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному нарушителю нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09845

HIGH7.2

Уязвимости операционной системы Ubuntu, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09846

CRITICAL10.0

Уязвимости операционной системы Ubuntu, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-09847

CRITICAL10.0

Уязвимости операционной системы Ubuntu, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2015-12106

MEDIUM4.9

Уязвимость гипервизора Xen, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2015-12-14Modified: 2021-03-23

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-5307

BDU:2015-12123

MEDIUM4.7

Уязвимость гипервизора Xen, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2015-12-14Modified: 2021-03-23

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2015-8104

BDU:2016-00187

HIGH7.8

Уязвимость ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код на целевой системе

Published: 2016-01-28Modified: 2024-10-08

CVSS 3.xHIGH 7.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:L/AC:L/Au:S/C:C/I:C/A:C

References

BDU:2016-00513

MEDIUM4.6

Уязвимость драйвера USB-MIDI ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Published: 2016-03-02Modified: 2024-12-03

CVSS 3.xMEDIUM 4.6

CVSS:3.x/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2016-2384

BDU:2016-00886

LOW2.1

Уязвимость ядра Linux, позволяющая нарушителю получить доступ к защищаемой информации

Published: 2016-04-06Modified: 2021-03-23

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2016-0823

BDU:2016-00898

MEDIUM5.0

Уязвимость операционной системы Android, позволяющая нарушителю обойти механизм защиты

Published: 2016-04-14Modified: 2021-03-23

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N

References

CVE-2016-0821

BDU:2016-01134

CRITICAL10.0

Уязвимость ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Published: 2016-05-11Modified: 2021-03-23

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2015-8812

BDU:2016-01579

MEDIUM6.9

Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии

Published: 2016-07-11Modified: 2021-08-19

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2016-01939

HIGH7.3

Уязвимость стека IPv6 ядра Linux операционной системы Android, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии

Published: 2016-08-23Modified: 2024-12-03

CVSS 3.xHIGH 7.3

CVSS:3.x/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2016-3841

BDU:2016-02003

MEDIUM4.3

Уязвимость операционной системы Android, позволяющая нарушителю получить конфиденциальную информацию

Published: 2016-08-31Modified: 2021-03-23

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2014-9895

BDU:2016-02026

CRITICAL9.3

Уязвимость операционной системы Android, позволяющая нарушителю повысить свои привилегии

Published: 2016-08-31Modified: 2021-03-23

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-9870

BDU:2016-02082

CRITICAL9.8

Уязвимость функции usbip_recv_xbuff (drivers/usb/usbip/usbip_common.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

Published: 2016-09-07Modified: 2024-12-03

CVSS 3.xCRITICAL 9.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2016-3955

BDU:2016-02097

HIGH7.8

Уязвимость ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

Published: 2016-09-19Modified: 2024-10-08

CVSS 3.xHIGH 7.8

CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2016-2065

BDU:2016-02098

HIGH7.8

Уязвимость ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

Published: 2016-09-19Modified: 2024-10-08

CVSS 3.xHIGH 7.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:L/AC:L/Au:S/C:C/I:C/A:C

References

CVE-2016-2063

BDU:2016-02099

CRITICAL9.8

Уязвимость ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

Published: 2016-09-19Modified: 2024-10-08

CVSS 3.xCRITICAL 9.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2015-0573

BDU:2016-02217

MEDIUM4.9

Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2016-11-03Modified: 2021-03-23

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2017-00542

HIGH7.3

Уязвимость драйвера Wi-Fi Qualcomm операционных систем Android, позволяющая нарушителю выполнить произвольный код

Published: 2017-03-16Modified: 2025-02-05

CVSS 3.xHIGH 7.3

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS 2.0HIGH 7.6

CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2017-0523

BDU:2017-00771

MEDIUM4.9

Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-04-06Modified: 2021-03-23

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2017-01093

MEDIUM4.6

Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

Published: 2017-05-04Modified: 2021-03-23

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

BDU:2017-01159

CRITICAL9.8

Уязвимость компонента kernel/events/core.c ядра операционной системы Android, позволяющая нарушителю повысить свои привилегии

Published: 2017-05-18Modified: 2024-05-16

CVSS 3.xCRITICAL 9.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-01160

HIGH7.6

Уязвимость компонента drivers/regulator/core.c ядра операционной системы Android, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии

Published: 2017-05-18Modified: 2021-03-23

CVSS 2.0HIGH 7.6

CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C

References

BDU:2017-01546

CRITICAL9.3

Уязвимость операционной системы Android, позволяющая нарушителю повысить свои привилегии

Published: 2017-06-30Modified: 2021-03-23

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

BDU:2017-01560

HIGH7.8

Уязвимость функции aio_mount в fs/aio.c ядра операционной системы Android, позволяющая нарушителю обойти политику ограничений и повысить свои привилегии

Published: 2017-06-30Modified: 2024-05-16

CVSS 3.xHIGH 7.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-01573

HIGH7.8

Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии

Published: 2017-06-30Modified: 2024-05-16

CVSS 3.xHIGH 7.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:L/AC:L/Au:S/C:C/I:C/A:C

References

BDU:2017-01665

HIGH7.2

Уязвимость функции sock_setsockopt ядра в net/core/sock.c операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

Published: 2017-07-14Modified: 2021-03-23

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2017-02405

HIGH7.8

Уязвимость функции load_elf_binary ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код

Published: 2017-11-10Modified: 2024-09-24

CVSS 3.xHIGH 7.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

BDU:2018-00380

HIGH7.5

Уязвимость реализации TCP-стека операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2018-03-16Modified: 2024-12-03

CVSS 3.xHIGH 7.5

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2020-03264

MEDIUM5.5

Уязвимость компонента fs/f2fs/inline.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2020-07-09Modified: 2024-05-31

CVSS 3.xMEDIUM 5.5

CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2018-13099

BDU:2020-04693

MEDIUM5.5

Уязвимость функции ovl_posix_acl_create ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2020-10-15

CVSS 3.xMEDIUM 5.5

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2019-10140

BDU:2021-01293

HIGH7.0

Уязвимость ядра операционных систем Linux, связанная с ошибками разыменования указателей, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Published: 2021-03-15Modified: 2021-03-23

CVSS 3.xHIGH 7.0

CVSS:3.x/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2015-8543

BDU:2022-00885

HIGH7.2

Уязвимость функций pipe_read и pipe_write в fs/pipe.c ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании

Published: 2022-02-25

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2015-1805

BDU:2022-00886

MEDIUM4.9

Уязвимость функции ping_unhash (net/ipv4/ping.c) ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании

Published: 2022-02-25

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-3636

BDU:2022-04396

MEDIUM6.2

Уязвимость компонента /dev/pts/ ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Published: 2022-07-15

CVSS 3.xMEDIUM 6.2

CVSS:3.x/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2011-4916

BDU:2022-05012

LOW3.5

Уязвимость ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию

Published: 2022-08-16

CVSS 3.xLOW 3.5

CVSS:3.x/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS 2.0LOW 2.3

CVSS:2.0/AV:A/AC:M/Au:S/C:P/I:N/A:N

References

CVE-2011-4917

BDU:2022-05860

HIGH7.8

Уязвимость функции inode_init_owner компонента fs/inode.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

Published: 2022-09-23

CVSS 3.xHIGH 7.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:L/AC:L/Au:S/C:C/I:C/A:C

References

CVE-2018-13405

BDU:2023-00352

MEDIUM5.9

Уязвимость функции scsi_ioctl (drivers/scsi/scsi_ioctl.c) ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии

Published: 2023-01-25

CVSS 3.xMEDIUM 5.9

CVSS:3.x/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2012-4542

CVE-2011-1833

LOW3.3

Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.

Published: 2012-10-03Modified: 2026-04-29

CVSS 2.0LOW 3.3

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:N

References

CVE-2011-2494

LOW2.1

kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password.

Published: 2012-06-13Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2011-2699

HIGH7.5

The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.

Published: 2012-05-24Modified: 2026-04-29

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xHIGH 7.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2011-2707

MEDIUM6.0

The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.

Published: 2012-05-24Modified: 2026-04-29

CVSS 2.0LOW 3.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS 3.xMEDIUM 6.0

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H

References

CVE-2011-2905

MEDIUM6.2

Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory.

Published: 2013-03-01Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2011-2906

MEDIUM5.5

Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size value in an ioctl call. NOTE: this may be a vulnerability only in unusual environments that provide a privileged program for obtaining the required file descriptor.

Published: 2012-05-24Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2011-2909

MEDIUM4.9

The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c in the Linux kernel before 3.1 allows local users to obtain sensitive information from kernel memory via a copy of a short string.

Published: 2014-02-15Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2011-2918

MEDIUM5.5

The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.

Published: 2012-05-24Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2011-2928

MEDIUM4.9

The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a malformed Be filesystem.

Published: 2011-08-29Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2011-3188

CRITICAL9.1

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

Published: 2012-05-24Modified: 2026-04-29

CVSS 2.0MEDIUM 6.4

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:P

CVSS 3.xCRITICAL 9.1

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

References

CVE-2011-3353

MEDIUM5.5

Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the ability to mount a FUSE filesystem.

Published: 2012-05-24Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2011-4081

MEDIUM5.5

crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket.

Published: 2012-05-24Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2011-4086

MEDIUM4.9

The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal.

Published: 2012-07-03Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2011-4097

MEDIUM5.5

Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2011-4098

LOW1.9

The fallocate implementation in the GFS2 filesystem in the Linux kernel before 3.2 relies on the page cache, which might allow local users to cause a denial of service by preallocating blocks in certain situations involving insufficient memory.

Published: 2013-06-08Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:P

References

CVE-2011-4112

MEDIUM5.5

The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction with a bridge device for a VLAN interface.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2011-4127

MEDIUM4.6

The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume.

Published: 2012-07-03Modified: 2026-04-29

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2011-4347

MEDIUM4.0

The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service (host OS crash) via a KVM_ASSIGN_PCI_DEVICE operation.

Published: 2013-06-08Modified: 2026-04-29

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2011-4594

MEDIUM5.5

The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2011-4604

MEDIUM6.8

The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet.

Published: 2013-06-07Modified: 2026-04-29

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P

References

CVE-2011-4915

MEDIUM5.5

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

Published: 2020-02-20Modified: 2024-11-21

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

CVE-2011-4916

MEDIUM5.5

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

Published: 2022-07-12Modified: 2024-11-21

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

CVE-2011-4917

MEDIUM5.5

In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.

Published: 2022-04-18Modified: 2024-11-21

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

CVE-2011-5321

MEDIUM5.5

The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted access to a device file under the /dev/pts directory.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2011-5327

CRITICAL9.8

In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.

Published: 2019-07-27Modified: 2024-11-21

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2012-0038

MEDIUM5.5

Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2012-0045

MEDIUM4.7

The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file.

Published: 2012-07-03Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2012-0058

MEDIUM5.5

The kiocb_batch_free function in fs/aio.c in the Linux kernel before 3.2.2 allows local users to cause a denial of service (OOPS) via vectors that trigger incorrect iocb management.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2012-0810

MEDIUM5.5

The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.

Published: 2020-02-12Modified: 2024-11-21

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2012-0957

MEDIUM4.9

The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.

Published: 2012-12-21Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2012-1090

MEDIUM5.5

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2012-1146

MEDIUM5.5

The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2012-1179

MEDIUM5.2

The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0MEDIUM 5.2

CVSS:2.0/AV:A/AC:M/Au:S/C:N/I:N/A:C

References

CVE-2012-1601

MEDIUM4.9

The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-2100

HIGH7.1

The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307.

Published: 2012-07-03Modified: 2026-04-29

CVSS 2.0HIGH 7.1

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2012-2119

MEDIUM5.2

Buffer overflow in the macvtap device driver in the Linux kernel before 3.4.5, when running in certain configurations, allows privileged KVM guest users to cause a denial of service (crash) via a long descriptor with a long vector length.

Published: 2013-01-22Modified: 2026-04-29

CVSS 2.0MEDIUM 5.2

CVSS:2.0/AV:A/AC:M/Au:S/C:N/I:N/A:C

References

CVE-2012-2121

MEDIUM4.9

The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-2123

HIGH7.2

The cap_bprm_set_creds function in security/commoncap.c in the Linux kernel before 3.3.3 does not properly handle the use of file system capabilities (aka fcaps) for implementing a privileged executable file, which allows local users to bypass intended personality restrictions via a crafted application, as demonstrated by an attack that uses a parent process to disable ASLR.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2012-2127

MEDIUM5.0

fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd.

Published: 2012-06-21Modified: 2026-04-29

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2012-2133

MEDIUM4.0

Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers improper handling of quota data.

Published: 2012-07-03Modified: 2026-04-29

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2012-2136

HIGH7.2

The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device.

Published: 2012-08-09Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2012-2137

MEDIUM6.9

Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function.

Published: 2013-01-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2012-2313

LOW1.2

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.

Published: 2012-06-13Modified: 2026-04-29

CVSS 2.0LOW 1.2

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:P

References

CVE-2012-2319

HIGH7.2

Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020.

Published: 2012-05-17Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2012-2372

MEDIUM4.4

The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service (BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB interface's own IP address, as demonstrated by rds-ping.

Published: 2013-01-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.4

CVSS:2.0/AV:L/AC:M/Au:S/C:N/I:N/A:C

References

CVE-2012-2373

MEDIUM4.0

The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition.

Published: 2012-08-09Modified: 2026-04-29

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2012-2375

MEDIUM4.6

The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131.

Published: 2012-06-13Modified: 2026-04-29

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:A/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2012-2383

MEDIUM4.9

Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.

Published: 2012-06-13Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-2384

MEDIUM4.9

Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.

Published: 2012-06-13Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-2390

MEDIUM4.9

Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations.

Published: 2012-06-13Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-2669

LOW2.1

The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message.

Published: 2012-12-27Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N

References

CVE-2012-2745

MEDIUM4.7

The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call.

Published: 2012-08-09Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2012-3364

MEDIUM5.0

Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields.

Published: 2013-01-22Modified: 2026-04-29

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2012-3375

MEDIUM4.9

The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083.

Published: 2012-10-03Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-3400

HIGH7.6

Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem.

Published: 2012-10-03Modified: 2026-04-29

CVSS 2.0HIGH 7.6

CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2012-3412

HIGH7.8

The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.

Published: 2012-10-03Modified: 2026-04-29

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-3430

LOW2.1

The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.

Published: 2012-10-03Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2012-3511

MEDIUM6.2

Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.

Published: 2012-10-04Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2012-3520

LOW1.9

The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.

Published: 2012-10-03Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:P/A:N

References

CVE-2012-4398

MEDIUM4.9

The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.

Published: 2013-02-18Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-4461

LOW1.9

The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.

Published: 2013-01-22Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:P

References

CVE-2012-4467

MEDIUM6.6

The (1) do_siocgstamp and (2) do_siocgstampns functions in net/socket.c in the Linux kernel before 3.5.4 use an incorrect argument order, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a crafted ioctl call.

Published: 2012-10-10Modified: 2026-04-29

CVSS 2.0MEDIUM 6.6

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:C

References

CVE-2012-4508

LOW1.9

Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.

Published: 2012-12-21Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-4530

LOW2.1

The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: 2013-02-18Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2012-4542

MEDIUM4.6

block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes.

Published: 2013-02-28Modified: 2026-04-29

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2012-4565

MEDIUM4.7

The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by reading TCP stats.

Published: 2012-12-21Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2012-5374

MEDIUM4.0

The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value.

Published: 2013-02-18Modified: 2026-04-29

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2012-5375

MEDIUM4.0

The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (prevention of file creation) by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with a specific CRC32C hash value.

Published: 2013-02-18Modified: 2026-04-29

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2012-5517

MEDIUM4.0

The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator.

Published: 2012-12-21Modified: 2026-04-29

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2012-5532

MEDIUM4.9

The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669.

Published: 2012-12-27Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-6536

LOW2.1

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and providing a (1) new or (2) updated state.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2012-6537

LOW1.9

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6538

LOW1.9

The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6539

LOW1.9

The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6540

LOW1.9

The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6541

LOW1.9

The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6542

LOW1.9

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6543

LOW1.9

The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6544

LOW1.9

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6545

LOW1.9

The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6546

LOW1.9

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6547

LOW1.9

The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6548

LOW1.9

The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6549

LOW1.9

The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2012-6638

HIGH7.8

The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663.

Published: 2014-02-15Modified: 2026-04-29

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-6647

MEDIUM4.9

The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted FUTEX_WAIT_REQUEUE_PI command.

Published: 2014-05-26Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-6657

MEDIUM4.9

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2012-6689

HIGH7.8

The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2012-6701

HIGH7.8

Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2012-6704

HIGH7.8

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.

Published: 2016-12-28Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2012-6712

CRITICAL9.8

In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

Published: 2019-07-27Modified: 2024-11-21

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2013-0160

LOW2.1

The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device.

Published: 2013-02-18Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-0216

MEDIUM5.2

The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.

Published: 2013-02-18Modified: 2026-04-29

CVSS 2.0MEDIUM 5.2

CVSS:2.0/AV:A/AC:M/Au:S/C:N/I:N/A:C

References

CVE-2013-0217

MEDIUM5.2

Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions.

Published: 2013-02-18Modified: 2026-04-29

CVSS 2.0MEDIUM 5.2

CVSS:2.0/AV:A/AC:M/Au:S/C:N/I:N/A:C

References

CVE-2013-0228

MEDIUM6.2

The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application.

Published: 2013-03-01Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-0268

MEDIUM6.2

The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.

Published: 2013-02-18Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-0290

MEDIUM4.9

The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application.

Published: 2013-02-19Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2013-0309

MEDIUM4.7

arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application.

Published: 2013-02-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-0310

MEDIUM6.6

The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call.

Published: 2013-02-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.6

CVSS:2.0/AV:L/AC:M/Au:S/C:C/I:C/A:C

References

CVE-2013-0311

MEDIUM6.5

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

Published: 2013-02-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.5

CVSS:2.0/AV:A/AC:H/Au:S/C:C/I:C/A:C

References

CVE-2013-0313

MEDIUM6.2

The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an attempted removexattr operation on an inode of a sockfs filesystem.

Published: 2013-02-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-0343

LOW3.2

The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages.

Published: 2013-02-28Modified: 2026-04-29

CVSS 2.0LOW 3.2

CVSS:2.0/AV:A/AC:H/Au:N/C:P/I:N/A:P

References

CVE-2013-0349

LOW1.9

The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux kernel before 3.7.6 does not properly copy a certain name field, which allows local users to obtain sensitive information from kernel memory by setting a long name and making an HIDPCONNADD ioctl call.

Published: 2013-02-28Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2013-0871

MEDIUM6.9

Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.

Published: 2013-02-18Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-0913

HIGH7.2

Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.

Published: 2013-03-18Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2013-0914

LOW3.6

The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0LOW 3.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:N

References

CVE-2013-1059

HIGH7.8

net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation.

Published: 2013-07-08Modified: 2026-04-29

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2013-1763

HIGH7.2

Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.

Published: 2013-02-28Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2013-1767

MEDIUM6.2

Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option.

Published: 2013-02-28Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-1772

MEDIUM4.0

The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (buffer overflow and system crash) by leveraging /dev/kmsg write access and triggering a call_console_drivers function call.

Published: 2013-02-28Modified: 2026-04-29

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2013-1773

MEDIUM6.2

Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion.

Published: 2013-02-28Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-1774

MEDIUM4.0

The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter.

Published: 2013-02-28Modified: 2026-04-29

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2013-1792

MEDIUM4.7

Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-1796

MEDIUM6.8

The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:A/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-1797

MEDIUM6.8

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:A/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-1798

MEDIUM6.2

The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:A/AC:H/Au:N/C:C/I:N/A:C

References

CVE-2013-1819

MEDIUM4.6

The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the ability to mount an XFS filesystem containing a metadata inode with an invalid extent map.

Published: 2013-03-06Modified: 2026-04-29

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2013-1826

MEDIUM6.2

The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-1827

MEDIUM6.2

net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsockopt call.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-1828

MEDIUM6.9

The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system call.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-1848

MEDIUM6.2

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-1858

HIGH7.2

The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child process.

Published: 2013-04-05Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2013-1860

MEDIUM6.9

Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-1928

MEDIUM4.7

The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb device.

Published: 2013-04-29Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:N/A:N

References

CVE-2013-1929

MEDIUM4.4

Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure.

Published: 2013-06-07Modified: 2026-04-29

CVSS 2.0MEDIUM 4.4

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P

References

CVE-2013-1956

LOW2.1

The create_user_ns function in kernel/user_namespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call.

Published: 2013-04-24Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N

References

CVE-2013-1957

MEDIUM4.7

The clone_mnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNT_READONLY flag, which allows local users to bypass an intended read-only property of a filesystem by leveraging a separate mount namespace.

Published: 2013-04-24Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:N/A:N

References

CVE-2013-1958

LOW1.9

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval during which a user namespace has been created but a PID namespace has not been created.

Published: 2013-04-24Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:P/A:N

References

CVE-2013-1959

LOW3.7

kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.

Published: 2013-05-03Modified: 2026-04-29

CVSS 2.0LOW 3.7

CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:P/A:P

References

CVE-2013-1979

MEDIUM6.9

The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.

Published: 2013-05-03Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-2015

MEDIUM4.7

The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable media, as demonstrated by the e2fsprogs tests/f_orphan_extents_inode/image.gz test.

Published: 2013-04-29Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2058

MEDIUM4.7

The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local users to cause a denial of service (system crash) by sending a large amount of network traffic through a USB/Ethernet adapter.

Published: 2013-11-04Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2094

HIGH8.4

The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.

Published: 2013-05-14Modified: 2026-04-22

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 8.4

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2013-2140

LOW3.8

The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature.

Published: 2013-09-25Modified: 2026-04-29

CVSS 2.0LOW 3.8

CVSS:2.0/AV:A/AC:M/Au:S/C:N/I:P/A:P

References

CVE-2013-2141

LOW2.1

The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call.

Published: 2013-06-07Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-2146

MEDIUM4.7

arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8.9, when the Performance Events Subsystem is enabled, specifies an incorrect bitmask, which allows local users to cause a denial of service (general protection fault and system crash) by attempting to set a reserved bit.

Published: 2013-06-07Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2147

LOW2.1

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.

Published: 2013-06-07Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-2148

LOW2.1

The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor.

Published: 2013-06-07Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-2164

LOW2.1

The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive.

Published: 2013-07-04Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-2206

MEDIUM5.4

The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.

Published: 2013-07-04Modified: 2026-04-29

CVSS 2.0MEDIUM 5.4

CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2013-2232

MEDIUM4.9

The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to an IPv4 interface.

Published: 2013-07-04Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2013-2234

LOW2.1

The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket.

Published: 2013-07-04Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-2237

LOW2.1

The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket.

Published: 2013-07-04Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-2546

LOW2.1

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-2547

LOW2.1

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-2548

LOW2.1

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

Published: 2013-03-15Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-2634

LOW1.9

net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2013-2635

LOW1.9

The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2013-2636

LOW1.9

net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

Published: 2013-03-22Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2013-2850

HIGH7.9

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.

Published: 2013-06-07Modified: 2026-04-29

CVSS 2.0HIGH 7.9

CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-2851

MEDIUM6.0

Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name.

Published: 2013-06-07Modified: 2026-04-29

CVSS 2.0MEDIUM 6.0

CVSS:2.0/AV:L/AC:H/Au:S/C:C/I:C/A:C

References

CVE-2013-2852

MEDIUM6.9

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.

Published: 2013-06-07Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-2888

MEDIUM6.2

Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-2889

MEDIUM4.7

drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2890

MEDIUM4.7

drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SONY is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2891

MEDIUM4.7

drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2892

MEDIUM4.7

drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2893

MEDIUM4.7

The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2894

MEDIUM4.7

drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2895

MEDIUM5.4

drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or obtain sensitive information from kernel memory via a crafted device.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 5.4

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:C

References

CVE-2013-2896

MEDIUM4.7

drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2897

MEDIUM4.7

Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2898

LOW1.9

drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2013-2899

MEDIUM4.7

drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device.

Published: 2013-09-16Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-2929

LOW3.3

The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h.

Published: 2013-12-09Modified: 2026-04-29

CVSS 2.0LOW 3.3

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:N

References

CVE-2013-2930

LOW3.6

The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.

Published: 2013-12-09Modified: 2026-04-29

CVSS 2.0LOW 3.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:N

References

CVE-2013-3076

MEDIUM4.9

The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3222

MEDIUM4.9

The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3223

MEDIUM4.9

The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3224

MEDIUM4.9

The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3225

MEDIUM4.9

The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3226

MEDIUM4.9

The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3227

MEDIUM4.9

The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3228

MEDIUM4.9

The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3229

MEDIUM4.9

The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3230

MEDIUM4.9

The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3231

MEDIUM4.7

The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:N/A:N

References

CVE-2013-3232

MEDIUM4.9

The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3233

MEDIUM4.9

The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3234

MEDIUM4.9

The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3235

MEDIUM4.9

net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3236

MEDIUM4.9

The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3237

MEDIUM4.9

The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Published: 2013-04-22Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-3301

HIGH7.2

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.

Published: 2013-04-29Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2013-3302

MEDIUM4.4

Race condition in the smb_send_rqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors involving a reconnection event.

Published: 2013-04-29Modified: 2026-04-29

CVSS 2.0MEDIUM 4.4

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P

References

CVE-2013-4125

MEDIUM5.4

The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred for one of the first two routes, which allows remote attackers to cause a denial of service (system crash) via a crafted sequence of messages.

Published: 2013-07-15Modified: 2026-04-29

CVSS 2.0MEDIUM 5.4

CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2013-4127

MEDIUM4.7

Use-after-free vulnerability in the vhost_net_set_backend function in drivers/vhost/net.c in the Linux kernel through 3.10.3 allows local users to cause a denial of service (OOPS and system crash) via vectors involving powering on a virtual machine.

Published: 2013-07-29Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-4129

MEDIUM4.7

The bridge multicast implementation in the Linux kernel through 3.10.3 does not check whether a certain timer is armed before modifying the timeout value of that timer, which allows local users to cause a denial of service (BUG and system crash) via vectors involving the shutdown of a KVM virtual machine, related to net/bridge/br_mdb.c and net/bridge/br_multicast.c.

Published: 2013-07-29Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-4162

MEDIUM4.7

The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.

Published: 2013-07-29Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-4163

MEDIUM4.7

The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.

Published: 2013-07-29Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-4205

MEDIUM4.7

Memory leak in the unshare_userns function in kernel/user_namespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service (memory consumption) via an invalid CLONE_NEWUSER unshare call.

Published: 2013-08-25Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-4220

MEDIUM4.9

The bad_mode function in arch/arm64/kernel/traps.c in the Linux kernel before 3.9.5 on the ARM64 platform allows local users to cause a denial of service (system crash) via vectors involving an attempted register access that triggers an unexpected value in the Exception Syndrome Register (ESR).

Published: 2013-08-25Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2013-4254

MEDIUM6.9

The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event.

Published: 2013-08-25Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-4270

LOW3.6

The net_ctl_permissions function in net/sysctl_net.c in the Linux kernel before 3.11.5 does not properly determine uid and gid values, which allows local users to bypass intended /proc/sys/net restrictions via a crafted application.

Published: 2013-12-09Modified: 2026-04-29

CVSS 2.0LOW 3.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:N

References

CVE-2013-4299

MEDIUM6.0

Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.

Published: 2013-10-24Modified: 2026-04-29

CVSS 2.0MEDIUM 6.0

CVSS:2.0/AV:N/AC:M/Au:S/C:P/I:P/A:P

References

CVE-2013-4300

HIGH7.2

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing.

Published: 2013-09-25Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2013-4312

MEDIUM6.2

The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.2

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2013-4343

MEDIUM6.9

Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call.

Published: 2013-09-25Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-4345

MEDIUM5.8

Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data.

Published: 2013-10-10Modified: 2026-04-29

CVSS 2.0MEDIUM 5.8

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N

References

CVE-2013-4350

MEDIUM5.0

The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network.

Published: 2013-09-25Modified: 2026-04-29

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2013-4387

MEDIUM6.1

net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet.

Published: 2013-10-10Modified: 2026-04-29

CVSS 2.0MEDIUM 6.1

CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2013-4470

MEDIUM6.9

The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c.

Published: 2013-11-04Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-4483

MEDIUM4.9

The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or system crash) via a crafted application.

Published: 2013-11-04Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2013-4511

MEDIUM6.9

Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the (1) au1100fb_fb_mmap function in drivers/video/au1100fb.c and the (2) au1200fb_fb_mmap function in drivers/video/au1200fb.c.

Published: 2013-11-12Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-4512

MEDIUM4.7

Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation.

Published: 2013-11-12Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-4513

MEDIUM4.9

Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.

Published: 2013-11-12Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2013-4514

MEDIUM4.7

Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related to the (1) wvlan_uil_put_info and (2) wvlan_set_station_nickname functions.

Published: 2013-11-12Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-4515

MEDIUM4.9

The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call.

Published: 2013-11-12Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-4516

MEDIUM4.9

The mp_get_count function in drivers/staging/sb105x/sb_pci_mp.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

Published: 2013-11-12Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-4579

MEDIUM4.3

The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations.

Published: 2013-11-20Modified: 2026-04-29

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2013-4587

HIGH7.2

Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.

Published: 2013-12-14Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2013-4591

MEDIUM6.2

Buffer overflow in the __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a getxattr system call for the system.nfs4_acl extended attribute of a pathname on an NFSv4 filesystem.

Published: 2013-11-20Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-4592

MEDIUM4.0

Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_main.c in the Linux kernel before 3.9 allows local users to cause a denial of service (memory consumption) by leveraging certain device access to trigger movement of memory slots.

Published: 2013-11-20Modified: 2026-04-29

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2013-5634

MEDIUM4.3

arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows host OS users to cause a denial of service (NULL pointer dereference, OOPS, and host OS crash) or possibly have unspecified other impact by omitting vCPU initialization before a KVM_GET_REG_LIST ioctl call.

Published: 2013-09-25Modified: 2026-04-29

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:A/AC:H/Au:S/C:N/I:N/A:C

References

CVE-2013-6282

HIGH8.8

The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.

Published: 2013-11-20Modified: 2026-04-22

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2013-6367

MEDIUM5.7

The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.

Published: 2013-12-14Modified: 2026-04-29

CVSS 2.0MEDIUM 5.7

CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-6368

MEDIUM6.2

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.

Published: 2013-12-14Modified: 2026-04-29

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2013-6376

MEDIUM5.2

The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode.

Published: 2013-12-14Modified: 2026-04-29

CVSS 2.0MEDIUM 5.2

CVSS:2.0/AV:A/AC:M/Au:S/C:N/I:N/A:C

References

CVE-2013-6378

MEDIUM4.4

The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation.

Published: 2013-11-27Modified: 2026-04-29

CVSS 2.0MEDIUM 4.4

CVSS:2.0/AV:L/AC:M/Au:S/C:N/I:N/A:C

References

CVE-2013-6380

MEDIUM4.7

The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command.

Published: 2013-11-27Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-6381

MEDIUM6.9

Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size.

Published: 2013-11-27Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-6382

MEDIUM4.0

Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.

Published: 2013-11-27Modified: 2026-04-29

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2013-6383

MEDIUM6.9

The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.

Published: 2013-11-27Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-6431

MEDIUM4.7

The fib6_add function in net/ipv6/ip6_fib.c in the Linux kernel before 3.11.5 does not properly implement error-code encoding, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for an IPv6 SIOCADDRT ioctl call.

Published: 2013-12-09Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-6432

MEDIUM4.6

The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging unspecified privileges to execute a crafted application.

Published: 2013-12-09Modified: 2026-04-29

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:S/C:N/I:N/A:C

References

CVE-2013-6763

MEDIUM6.9

The uio_mmap_physical function in drivers/uio/uio.c in the Linux kernel before 3.12 does not validate the size of a memory block, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted mmap operations, a different vulnerability than CVE-2013-4511.

Published: 2013-11-12Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2013-7026

MEDIUM4.7

Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted application that uses shmctl IPC_RMID operations in conjunction with other shm system calls.

Published: 2013-12-09Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-7027

MEDIUM6.1

The ieee80211_radiotap_iterator_init function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service (buffer over-read) via a crafted header.

Published: 2013-12-09Modified: 2026-04-29

CVSS 2.0MEDIUM 6.1

CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2013-7263

MEDIUM4.9

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

Published: 2014-01-06Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7264

MEDIUM4.9

The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: 2014-01-06Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7265

MEDIUM4.9

The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: 2014-01-06Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7266

MEDIUM4.9

The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: 2014-01-06Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7267

MEDIUM4.9

The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: 2014-01-06Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7268

MEDIUM4.9

The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: 2014-01-06Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7269

MEDIUM4.9

The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: 2014-01-06Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7270

MEDIUM4.9

The packet_recvmsg function in net/packet/af_packet.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: 2014-01-06Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7271

MEDIUM4.9

The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: 2014-01-06Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7281

MEDIUM4.9

The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.

Published: 2014-01-08Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

References

CVE-2013-7339

MEDIUM4.7

The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.

Published: 2014-03-24Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2013-7348

MEDIUM4.6

Double free vulnerability in the ioctx_alloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via vectors involving an error condition in the aio_setup_ring function.

Published: 2014-04-01Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2013-7421

LOW2.1

The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.

Published: 2015-03-02Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N

References

CVE-2013-7445

HIGH7.8

The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.

Published: 2015-10-16Modified: 2025-04-12

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2013-7446

MEDIUM5.3

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.

Published: 2015-12-28Modified: 2025-04-12

CVSS 2.0MEDIUM 5.4

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:P/A:C

CVSS 3.xMEDIUM 5.3

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

References

CVE-2013-7470

MEDIUM5.9

cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstrated by icmpsic, a different vulnerability than CVE-2013-0310.

Published: 2019-04-23Modified: 2024-11-21

CVSS 2.0HIGH 7.1

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.9

CVSS:3.x/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-0038

MEDIUM6.9

The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.

Published: 2014-02-06Modified: 2026-04-29

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-0049

HIGH7.4

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.

Published: 2014-03-11Modified: 2025-04-12

CVSS 2.0HIGH 7.4

CVSS:2.0/AV:A/AC:M/Au:S/C:C/I:C/A:C

References

CVE-2014-0069

HIGH7.2

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.

Published: 2014-02-28Modified: 2026-04-29

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-0077

MEDIUM5.5

drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.

Published: 2014-04-14Modified: 2025-04-12

CVSS 2.0MEDIUM 5.5

CVSS:2.0/AV:A/AC:H/Au:S/C:P/I:P/A:C

References

CVE-2014-0101

HIGH7.8

The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.

Published: 2014-03-11Modified: 2025-04-12

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-0102

MEDIUM5.2

The keyring_detect_cycle_iterator function in security/keys/keyring.c in the Linux kernel through 3.13.6 does not properly determine whether keyrings are identical, which allows local users to cause a denial of service (OOPS) via crafted keyctl commands.

Published: 2014-03-11Modified: 2025-04-12

CVSS 2.0MEDIUM 5.2

CVSS:2.0/AV:A/AC:M/Au:S/C:N/I:N/A:C

References

CVE-2014-0131

LOW2.9

Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation.

Published: 2014-03-24Modified: 2025-04-12

CVSS 2.0LOW 2.9

CVSS:2.0/AV:A/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2014-0155

MEDIUM5.5

The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced.

Published: 2014-04-14Modified: 2025-04-12

CVSS 2.0MEDIUM 5.5

CVSS:2.0/AV:A/AC:L/Au:S/C:N/I:N/A:C

References

CVE-2014-0181

LOW2.1

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.

Published: 2014-04-27Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N

References

CVE-2014-0196

MEDIUM5.5

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

Published: 2014-05-07Modified: 2026-04-21

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-0206

LOW2.1

Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value.

Published: 2014-06-25Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2014-1438

MEDIUM4.7

The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application.

Published: 2014-01-18Modified: 2026-04-29

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-1444

LOW1.7

The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call.

Published: 2014-01-18Modified: 2026-04-29

CVSS 2.0LOW 1.7

CVSS:2.0/AV:L/AC:L/Au:S/C:P/I:N/A:N

References

CVE-2014-1445

LOW2.1

The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call.

Published: 2014-01-18Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2014-1446

LOW1.9

The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call.

Published: 2014-01-18Modified: 2026-04-29

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2014-1690

LOW2.6

The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature.

Published: 2014-02-28Modified: 2026-04-29

CVSS 2.0LOW 2.6

CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:N/A:N

References

CVE-2014-1737

HIGH7.2

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

Published: 2014-05-11Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-1738

LOW2.1

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device.

Published: 2014-05-11Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2014-1739

LOW2.1

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

Published: 2014-06-23Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2014-1874

MEDIUM4.9

The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.

Published: 2014-02-28Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-2038

LOW2.1

The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file.

Published: 2014-02-28Modified: 2026-04-29

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2014-2039

MEDIUM4.9

arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction.

Published: 2014-02-28Modified: 2026-04-29

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-2309

MEDIUM6.1

The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.

Published: 2014-03-11Modified: 2025-04-12

CVSS 2.0MEDIUM 6.1

CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-2523

CRITICAL10.0

net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.

Published: 2014-03-24Modified: 2025-04-12

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-2568

LOW2.9

Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. NOTE: the affected code was moved to the skb_zerocopy function in net/core/skbuff.c before the vulnerability was announced.

Published: 2014-03-24Modified: 2025-04-12

CVSS 2.0LOW 2.9

CVSS:2.0/AV:A/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2014-2673

MEDIUM4.7

The arch_dup_task_struct function in the Transactional Memory (TM) implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platform does not properly interact with the clone and fork system calls, which allows local users to cause a denial of service (Program Check and system crash) via certain instructions that are executed with the processor in the Transactional state.

Published: 2014-04-01Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-2678

MEDIUM4.7

The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.

Published: 2014-04-01Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-2706

HIGH7.1

Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.

Published: 2014-04-14Modified: 2025-04-12

CVSS 2.0HIGH 7.1

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-2851

MEDIUM6.9

Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.

Published: 2014-04-14Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-2889

MEDIUM4.6

Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges via a long jump after a conditional jump.

Published: 2014-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2014-3122

MEDIUM4.9

The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table mappings.

Published: 2014-05-11Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-3144

MEDIUM4.9

The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced.

Published: 2014-05-11Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-3145

MEDIUM4.9

The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced.

Published: 2014-05-11Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-3153

HIGH7.8

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

Published: 2014-06-07Modified: 2026-04-21

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2014-3180

CRITICAL9.1

In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable

Published: 2019-11-06Modified: 2024-11-21

CVSS 2.0MEDIUM 6.4

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:P

CVSS 3.xCRITICAL 9.1

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

References

CVE-2014-3181

MEDIUM6.9

Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with an event.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-3182

MEDIUM6.9

Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-3183

MEDIUM6.9

Heap-based buffer overflow in the logi_dj_ll_raw_request function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that specifies a large report size for an LED report.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-3184

MEDIUM4.7

The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-3185

MEDIUM6.9

Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-3534

HIGH7.2

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call.

Published: 2014-08-01Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3601

MEDIUM4.3

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages.

Published: 2014-09-01Modified: 2025-04-12

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:A/AC:H/Au:S/C:N/I:N/A:C

References

CVE-2014-3610

MEDIUM5.5

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-3611

MEDIUM4.7

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 4.7

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-3631

HIGH7.2

The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-3645

LOW2.1

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2014-3646

MEDIUM5.5

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2014-3647

MEDIUM5.5

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2014-3673

HIGH7.5

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xHIGH 7.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-3687

HIGH7.5

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xHIGH 7.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-3688

MEDIUM5.0

The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.

Published: 2014-11-30Modified: 2025-04-12

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2014-3690

MEDIUM5.5

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-3917

LOW3.3

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.

Published: 2014-06-05Modified: 2025-04-12

CVSS 2.0LOW 3.3

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:P

References

CVE-2014-3940

MEDIUM4.0

The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c.

Published: 2014-06-05Modified: 2025-04-12

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2014-4014

MEDIUM6.2

The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.

Published: 2014-06-23Modified: 2025-04-12

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2014-4027

LOW2.3

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.

Published: 2014-06-23Modified: 2025-04-12

CVSS 2.0LOW 2.3

CVSS:2.0/AV:A/AC:M/Au:S/C:P/I:N/A:N

References

CVE-2014-4157

MEDIUM4.6

arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass intended PR_SET_SECCOMP restrictions by executing a crafted application without invoking a trace or audit subsystem.

Published: 2014-06-23Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2014-4171

MEDIUM4.7

mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service (i_mutex hold) by using the mmap system call to access a hole, as demonstrated by interfering with intended shmem activity by blocking completion of (1) an MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call.

Published: 2014-06-23Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-4322

HIGH7.2

drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application.

Published: 2014-12-24Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-4323

HIGH7.5

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows attackers to gain privileges via a crafted application.

Published: 2014-12-12Modified: 2025-04-12

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2014-4508

MEDIUM4.7

arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.

Published: 2014-06-23Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-4608

HIGH7.3

Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says "the Linux kernel is not affected; media hype.

Published: 2014-07-03Modified: 2025-04-12

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.3

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References

CVE-2014-4611

MEDIUM5.0

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.

Published: 2014-07-03Modified: 2025-04-12

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2014-4652

LOW1.9

Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.

Published: 2014-07-03Modified: 2025-04-12

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2014-4653

MEDIUM4.6

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.

Published: 2014-07-03Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2014-4654

MEDIUM4.6

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call.

Published: 2014-07-03Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2014-4655

MEDIUM4.9

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.

Published: 2014-07-03Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-4656

MEDIUM4.6

Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function.

Published: 2014-07-03Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2014-4667

MEDIUM5.0

The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.

Published: 2014-07-03Modified: 2025-04-12

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2014-4699

MEDIUM6.9

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.

Published: 2014-07-09Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-4943

MEDIUM6.9

The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.

Published: 2014-07-19Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-5045

MEDIUM6.2

The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program.

Published: 2014-08-01Modified: 2025-04-12

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2014-5077

HIGH7.1

The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction.

Published: 2014-08-01Modified: 2025-04-12

CVSS 2.0HIGH 7.1

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-5206

HIGH7.2

The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace.

Published: 2014-08-18Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-5207

MEDIUM6.2

fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace.

Published: 2014-08-18Modified: 2025-04-12

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2014-5471

MEDIUM4.0

Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry.

Published: 2014-09-01Modified: 2025-04-12

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2014-5472

MEDIUM4.0

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry.

Published: 2014-09-01Modified: 2025-04-12

CVSS 2.0MEDIUM 4.0

CVSS:2.0/AV:L/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2014-6410

MEDIUM4.7

The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-6416

HIGH7.8

Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-6417

HIGH7.8

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-6418

HIGH7.1

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor.

Published: 2014-09-28Modified: 2025-04-12

CVSS 2.0HIGH 7.1

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2014-7283

MEDIUM4.9

The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations.

Published: 2014-10-13Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-7822

HIGH7.2

The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem.

Published: 2015-03-16Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-7825

HIGH7.8

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2014-7826

HIGH7.8

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2014-7841

MEDIUM5.0

The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.

Published: 2014-11-30Modified: 2025-04-12

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2014-7842

MEDIUM4.9

Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to CVE-2010-5313.

Published: 2014-11-30Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-7843

MEDIUM4.9

The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary.

Published: 2014-11-30Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-7970

MEDIUM5.5

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.

Published: 2014-10-13Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-7975

MEDIUM5.5

The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call.

Published: 2014-10-13Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-8086

MEDIUM4.7

Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag.

Published: 2014-10-13Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 4.7

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-8133

LOW2.1

arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value.

Published: 2014-12-17Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N

References

CVE-2014-8134

LOW3.3

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.

Published: 2014-12-12Modified: 2025-04-12

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS 3.xLOW 3.3

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

References

CVE-2014-8160

MEDIUM5.0

net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.

Published: 2015-03-02Modified: 2025-04-12

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N

References

CVE-2014-8172

MEDIUM4.9

The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service (soft lockup or system crash) via unspecified use of Asynchronous I/O (AIO) operations.

Published: 2015-03-16Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-8173

HIGH7.2

The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page Middle Directory (PMD) entry is a transparent huge-table entry, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted MADV_WILLNEED madvise system call that leverages the absence of a page-table lock.

Published: 2015-03-16Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2014-8369

HIGH7.8

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2014-8480

MEDIUM4.9

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-8481

MEDIUM4.9

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-8559

MEDIUM5.5

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2014-8709

MEDIUM5.0

The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets.

Published: 2014-11-10Modified: 2025-04-12

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2014-8884

MEDIUM6.1

Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call.

Published: 2014-11-30Modified: 2025-04-12

CVSS 2.0MEDIUM 6.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:C

References

CVE-2014-8989

MEDIUM4.6

The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c.

Published: 2014-11-30Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2014-9090

MEDIUM4.9

The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite.

Published: 2014-11-30Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-9322

HIGH7.8

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

Published: 2014-12-17Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2014-9410

CRITICAL9.8

The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate a certain id value, which allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that makes a crafted ioctl call.

Published: 2016-08-07Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2014-9419

LOW2.1

The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.

Published: 2014-12-26Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2014-9420

MEDIUM4.9

The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image.

Published: 2014-12-26Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-9529

MEDIUM6.9

Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.

Published: 2015-01-09Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-9584

LOW2.1

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.

Published: 2015-01-09Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2014-9585

LOW2.1

The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.

Published: 2015-01-09Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N

References

CVE-2014-9644

LOW2.1

The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-2013-7421.

Published: 2015-03-02Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N

References

CVE-2014-9683

LOW3.6

Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename.

Published: 2015-03-03Modified: 2025-04-12

CVSS 2.0LOW 3.6

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:P

References

CVE-2014-9710

MEDIUM6.9

The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time window, related to a race condition, or (2) after an xattr-replacement attempt that fails because the data does not fit.

Published: 2015-05-27Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2014-9715

MEDIUM4.9

include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that triggers extension loading, as demonstrated by configuring a PPTP tunnel in a NAT environment.

Published: 2015-05-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-9717

MEDIUM6.1

fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0LOW 3.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:N

CVSS 3.xMEDIUM 6.1

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

References

CVE-2014-9728

MEDIUM4.9

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-9729

MEDIUM4.9

The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-9730

MEDIUM4.9

The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2014-9731

LOW2.1

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2014-9803

HIGH7.8

arch/arm64/include/asm/pgtable.h in the Linux kernel before 3.15-rc5-next-20140519, as used in Android before 2016-07-05 on Nexus 5X and 6P devices, mishandles execute-only pages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28557020.

Published: 2016-07-11Modified: 2025-04-12

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2014-9870

HIGH7.8

The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allows local users to gain privileges via a crafted application, aka Android internal bug 28749743 and Qualcomm internal bug CR561044.

Published: 2016-08-06Modified: 2025-04-12

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2014-9895

MEDIUM5.5

drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28750150 and Qualcomm internal bug CR570757, a different vulnerability than CVE-2014-1739.

Published: 2016-08-06Modified: 2025-04-12

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References

CVE-2014-9922

HIGH7.8

The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.

Published: 2017-04-04Modified: 2025-04-20

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2014-9940

HIGH7.0

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.

Published: 2017-05-02Modified: 2025-04-20

CVSS 2.0HIGH 7.6

CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2015-0239

MEDIUM4.4

The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction.

Published: 2015-03-02Modified: 2025-04-12

CVSS 2.0MEDIUM 4.4

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P

References

CVE-2015-0274

HIGH7.2

The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a denial of service (transaction overrun and data corruption) or possibly gain privileges by leveraging XFS filesystem access.

Published: 2015-03-16Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2015-0275

MEDIUM4.9

The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.

Published: 2015-10-19Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-0568

HIGH7.8

Use-after-free vulnerability in the msm_set_crop function in drivers/media/video/msm/msm_camera.c in the MSM-Camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that makes a crafted ioctl call.

Published: 2016-08-07Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-0572

HIGH7.0

Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (zero-value write) or possibly have unspecified other impact via a COMPAT_FASTRPC_IOCTL_INVOKE_FD ioctl call.

Published: 2016-10-10Modified: 2025-04-12

CVSS 2.0MEDIUM 4.4

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-0573

CRITICAL9.8

drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via a crafted application that makes a TSC_GET_CARD_STATUS ioctl call.

Published: 2016-08-07Modified: 2025-04-12

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-1328

HIGH7.8

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

Published: 2016-11-28Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-1333

MEDIUM4.9

Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-1339

MEDIUM6.2

Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.2

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-1350

MEDIUM5.5

The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-1420

LOW1.9

Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.

Published: 2015-03-16Modified: 2025-04-12

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

References

CVE-2015-1421

CRITICAL10.0

Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.

Published: 2015-03-16Modified: 2025-04-12

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2015-1573

MEDIUM5.5

The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-1593

MEDIUM5.0

The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c.

Published: 2015-03-16Modified: 2025-04-12

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2015-1805

HIGH7.2

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."

Published: 2015-08-08Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2015-2041

MEDIUM4.6

net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.

Published: 2015-04-21Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2015-2042

MEDIUM4.6

net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.

Published: 2015-04-21Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2015-2150

MEDIUM4.9

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.

Published: 2015-03-12Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-2666

MEDIUM6.9

Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd.

Published: 2015-05-27Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2015-2672

MEDIUM5.5

The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cause a denial of service (panic) by triggering a fault, as demonstrated by an unaligned memory operand or a non-canonical address memory operand.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-2830

LOW1.9

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrated by an attack against seccomp before 3.16.

Published: 2015-05-27Modified: 2025-04-12

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:P/A:N

References

CVE-2015-2922

LOW3.3

The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

Published: 2015-05-27Modified: 2025-04-12

CVSS 2.0LOW 3.3

CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2015-2925

MEDIUM6.9

The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."

Published: 2015-11-16Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2015-3212

MEDIUM4.9

Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and panic) via a rapid series of system calls related to sockets, as demonstrated by setsockopt calls.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-3288

HIGH7.8

mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.

Published: 2016-10-16Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-3290

HIGH7.2

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform improperly relies on espfix64 during nested NMI processing, which allows local users to gain privileges by triggering an NMI within a certain instruction window.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2015-3291

LOW2.1

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2015-3331

CRITICAL9.3

The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a crypto API call, as demonstrated by use of a libkcapi test program with an AF_ALG(aead) socket.

Published: 2015-05-27Modified: 2025-04-12

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2015-3332

MEDIUM4.9

A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.

Published: 2015-05-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-3339

MEDIUM6.2

Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped.

Published: 2015-05-27Modified: 2025-04-12

CVSS 2.0MEDIUM 6.2

CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:C/A:C

References

CVE-2015-3636

MEDIUM4.9

The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect.

Published: 2015-08-06Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-4001

CRITICAL9.0

Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted packet.

Published: 2015-06-07Modified: 2025-04-12

CVSS 2.0CRITICAL 9.0

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:C

References

CVE-2015-4002

CRITICAL9.0

drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.

Published: 2015-06-07Modified: 2025-04-12

CVSS 2.0CRITICAL 9.0

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:C

References

CVE-2015-4036

HIGH7.2

Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOTE: the affected function was renamed to vhost_scsi_make_tpg before the vulnerability was announced.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2015-4167

MEDIUM4.7

The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.

Published: 2015-08-05Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2015-4170

MEDIUM4.7

Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a previous tty thread.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 4.7

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2015-4176

MEDIUM5.5

fs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

CVE-2015-4177

MEDIUM5.5

The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-4178

MEDIUM5.5

The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-4692

MEDIUM4.9

The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.

Published: 2015-07-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-4700

MEDIUM4.9

The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-5156

MEDIUM6.1

The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.

Published: 2015-10-19Modified: 2025-04-12

CVSS 2.0MEDIUM 6.1

CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-5157

HIGH7.2

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2015-5257

MEDIUM4.9

drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used for an Apache Cordova issue that has the correct ID of CVE-2015-8320.

Published: 2015-11-16Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-5283

MEDIUM4.7

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

Published: 2015-10-19Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

References

CVE-2015-5307

MEDIUM4.9

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

Published: 2015-11-16Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-5364

HIGH7.8

The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-5366

MEDIUM5.0

The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2015-5697

LOW2.1

The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

References

CVE-2015-5706

MEDIUM4.6

Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2015-5707

MEDIUM4.6

Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.

Published: 2015-10-19Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2015-6252

LOW2.1

The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation.

Published: 2015-10-19Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2015-6526

MEDIUM4.9

The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace.

Published: 2015-08-31Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-6937

MEDIUM4.9

The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound.

Published: 2015-10-19Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-7509

MEDIUM4.4

fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.

Published: 2015-12-28Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 4.4

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-7513

MEDIUM6.5

arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References

CVE-2015-7515

MEDIUM4.6

The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 4.6

CVSS:3.x/CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-7550

MEDIUM5.5

The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-7566

MEDIUM4.6

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 4.6

CVSS:3.x/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-7613

MEDIUM6.9

Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.

Published: 2015-10-19Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

References

CVE-2015-7799

MEDIUM4.9

The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call.

Published: 2015-10-19Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2015-7872

LOW2.1

The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands.

Published: 2015-11-16Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2015-7884

LOW2.3

The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

Published: 2015-12-28Modified: 2025-04-12

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS 3.xLOW 2.3

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

References

CVE-2015-7885

LOW2.3

The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

Published: 2015-12-28Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS 3.xLOW 2.3

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

References

CVE-2015-7990

MEDIUM5.8

Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.

Published: 2015-12-28Modified: 2025-04-12

CVSS 2.0MEDIUM 5.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:C

CVSS 3.xMEDIUM 5.8

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

References

CVE-2015-8104

CRITICAL10.0

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.

Published: 2015-11-16Modified: 2025-04-23

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xCRITICAL 10.0

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References

CVE-2015-8215

MEDIUM5.0

net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product.

Published: 2015-11-16Modified: 2025-04-12

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2015-8374

MEDIUM4.0

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.

Published: 2015-12-28Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS 3.xMEDIUM 4.0

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

CVE-2015-8539

HIGH7.8

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-8543

HIGH7.0

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.

Published: 2015-12-28Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-8569

LOW2.3

The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Published: 2015-12-28Modified: 2025-04-12

CVSS 2.0LOW 1.9

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS 3.xLOW 2.3

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

References

CVE-2015-8575

MEDIUM4.0

The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS 3.xMEDIUM 4.0

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

CVE-2015-8709

HIGH7.0

kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-8746

HIGH7.5

fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS 3.xHIGH 7.5

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-8767

MEDIUM6.2

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.2

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-8785

MEDIUM6.2

The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.2

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-8812

CRITICAL9.8

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-8816

MEDIUM6.8

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xMEDIUM 6.8

CVSS:3.x/CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-8844

MEDIUM5.5

The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2015-8845

MEDIUM5.5

The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-8950

MEDIUM5.5

arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.

Published: 2016-10-10Modified: 2025-04-12

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References

CVE-2015-8953

MEDIUM5.5

fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service (dentry reference leak) via filesystem operations on a large file in a lower overlayfs layer.

Published: 2016-10-16Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-8955

HIGH7.3

arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs.

Published: 2016-10-10Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.3

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References

CVE-2015-8956

MEDIUM6.1

The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.

Published: 2016-10-10Modified: 2025-04-12

CVSS 2.0LOW 3.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS 3.xMEDIUM 6.1

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

References

CVE-2015-8962

HIGH7.3

Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.

Published: 2016-11-16Modified: 2025-04-12

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.3

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References

CVE-2015-8963

HIGH7.0

Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation.

Published: 2016-11-16Modified: 2025-04-12

CVSS 2.0HIGH 7.6

CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2015-8966

HIGH7.8

arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call.

Published: 2016-12-08Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2015-8967

HIGH7.8

arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access.

Published: 2016-12-08Modified: 2025-04-12

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2015-8970

MEDIUM5.5

crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c.

Published: 2016-11-28Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2015-9004

HIGH7.8

kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.

Published: 2017-05-02Modified: 2025-04-20

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2015-9289

MEDIUM5.5

In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.

Published: 2019-07-27Modified: 2024-11-21

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:N/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

CVE-2016-0723

MEDIUM6.8

Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0MEDIUM 5.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:C

CVSS 3.xMEDIUM 6.8

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

References

CVE-2016-0728

HIGH7.8

The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.

Published: 2016-02-08Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-0821

MEDIUM5.5

The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a poison-pointer protection mechanism by triggering the use of an uninitialized list entry, aka Android internal bug 26186802, a different vulnerability than CVE-2015-3636.

Published: 2016-03-12Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

References

CVE-2016-0823

MEDIUM4.0

The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721.

Published: 2016-03-12Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS 3.xMEDIUM 4.0

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

CVE-2016-10044

HIGH7.8

The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.

Published: 2017-02-07Modified: 2025-04-20

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-1583

HIGH7.8

The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

Published: 2016-06-27Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-2053

MEDIUM4.7

The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.

Published: 2016-05-02Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 4.7

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-2059

HIGH7.0

The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a client port, which allows attackers to gain privileges or cause a denial of service (race condition and list corruption) by making many BIND_CONTROL_PORT ioctl calls.

Published: 2016-05-05Modified: 2025-04-12

CVSS 2.0MEDIUM 4.4

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-2061

HIGH7.8

Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafted application that triggers an msm_isp_axi_create_stream call.

Published: 2016-06-13Modified: 2025-04-12

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2016-2062

HIGH7.8

The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, uses an incorrect integer data type, which allows attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and incorrect memory allocation) or possibly have unspecified other impact via a crafted IOCTL_KGSL_PERFCOUNTER_QUERY ioctl call.

Published: 2016-05-05Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-2063

HIGH7.8

Stack-based buffer overflow in the supply_lm_input_write function in drivers/thermal/supply_lm_core.c in the MSM Thermal driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted application that sends a large amount of data through the debugfs interface.

Published: 2016-08-07Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-2064

HIGH7.8

sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands.

Published: 2016-08-07Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2016-2065

HIGH7.8

sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (out-of-bounds write and memory corruption) or possibly have unspecified other impact via a crafted application that makes an ioctl call triggering incorrect use of a parameters pointer.

Published: 2016-08-07Modified: 2025-04-12

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2016-2066

HIGH7.8

Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application that makes an ioctl call.

Published: 2016-06-13Modified: 2025-04-12

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2016-2067

HIGH7.8

drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993.

Published: 2016-07-11Modified: 2025-04-12

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2016-2068

HIGH7.8

The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow or buffer over-read) via a crafted application that performs a (1) AUDIO_EFFECTS_WRITE or (2) AUDIO_EFFECTS_READ operation, aka Qualcomm internal bug CR1006609.

Published: 2016-07-11Modified: 2025-04-12

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2016-2069

HIGH7.4

Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.4

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.4

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-2085

MEDIUM5.5

The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

References

CVE-2016-2384

MEDIUM4.6

Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 4.6

CVSS:3.x/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-2543

MEDIUM6.2

The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.2

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-2544

MEDIUM5.1

Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.1

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-2545

MEDIUM5.1

The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.1

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-2546

MEDIUM5.1

sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.1

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-2547

MEDIUM5.1

sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.7

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.1

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-2548

MEDIUM6.2

sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.2

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-2549

MEDIUM6.2

sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service (deadlock) via a crafted ioctl call.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 6.2

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-2550

MEDIUM5.5

The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by leveraging incorrect tracking of descriptor ownership and sending each descriptor over a UNIX socket before closing it. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-4312.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-2847

MEDIUM6.2

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.2

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-3070

HIGH7.8

The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move.

Published: 2016-08-06Modified: 2025-04-12

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-3139

MEDIUM4.6

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

Published: 2016-04-27Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 4.6

CVSS:3.x/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2016-3841

HIGH7.3

The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.

Published: 2016-08-06Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.3

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References

CVE-2016-3955

CRITICAL9.8

The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.

Published: 2016-07-03Modified: 2025-04-12

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-4565

HIGH7.8

The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

Published: 2016-05-23Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-4805

HIGH7.8

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.

Published: 2016-05-23Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-4913

HIGH7.8

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.

Published: 2016-05-23Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-4997

HIGH7.8

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.

Published: 2016-07-03Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-5340

HIGH7.8

The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.

Published: 2016-08-07Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-5342

HIGH7.8

Heap-based buffer overflow in the wcnss_wlan_write function in drivers/net/wireless/wcnss/wcnss_wlan.c in the wcnss_wlan device driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service or possibly have unspecified other impact by writing to /dev/wcnss_wlan with an unexpected amount of data.

Published: 2016-08-30Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-5343

CRITICAL9.8

drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow.

Published: 2016-10-10Modified: 2025-04-12

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-5344

CRITICAL9.8

Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service or possibly have unspecified other impact via a large size value, related to mdss_compat_utils.c, mdss_fb.c, and mdss_rotator.c.

Published: 2016-08-30Modified: 2025-04-12

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-5829

HIGH7.8

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

Published: 2016-06-27Modified: 2025-04-12

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-5870

HIGH7.8

The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact by triggering failure of an accept system call for an AF_MSM_IPC socket.

Published: 2017-04-04Modified: 2025-04-20

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-6786

HIGH7.0

kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 30955111.

Published: 2016-12-28Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-6787

HIGH7.0

kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 31095224.

Published: 2016-12-28Modified: 2025-04-12

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-7117

CRITICAL9.8

Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

Published: 2016-10-10Modified: 2025-04-12

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2016-7910

HIGH7.8

Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.

Published: 2016-11-16Modified: 2025-04-12

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2016-7911

HIGH7.8

Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.

Published: 2016-11-16Modified: 2025-04-12

CVSS 2.0CRITICAL 9.3

CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2016-8646

MEDIUM5.5

The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data.

Published: 2016-11-28Modified: 2025-04-12

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2017-0523

HIGH7.0

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-32835279. References: QC-CR#1096945.

Published: 2017-03-08Modified: 2025-04-20

CVSS 2.0HIGH 7.6

CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2017-1000253

HIGH7.8

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.

Published: 2017-10-05Modified: 2026-04-21

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-15116

MEDIUM5.5

The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).

Published: 2017-11-30Modified: 2025-04-20

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2017-2647

HIGH7.8

The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.

Published: 2017-03-31Modified: 2025-04-20

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2017-5972

HIGH7.5

The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many TCP SYN packets, as demonstrated by an attack against the kernel-3.10.0 package in CentOS Linux 7. NOTE: third parties have been unable to discern any relationship between the GitHub Engineering finding and the Trigemini.c attack code.

Published: 2017-02-14Modified: 2025-04-20

CVSS 2.0HIGH 7.8

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xHIGH 7.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2017-6951

MEDIUM5.5

The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.

Published: 2017-03-16Modified: 2025-04-20

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2018-13099

MEDIUM5.5

An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.

Published: 2018-07-03Modified: 2024-11-21

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2018-13405

HIGH7.8

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.

Published: 2018-07-06Modified: 2024-11-21

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2019-10140

MEDIUM5.5

A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).

Published: 2019-08-15Modified: 2024-11-21

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

Package update kernel-image-std-def in branch c6

Closed issues (921)

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к защищаемой информации

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к защищаемой информации

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании, повысить свои привилегии или выполнить произвольный код

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании, повысить свои привилегии или выполнить произвольный код

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Уязвимость ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к статистике ввода-вывода

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику осуществить доступ к защищаемой информации или вызвать отказ в обслуживании

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из стековой памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать локальный отказ в обслуживании

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать локальный отказ в обслуживании

Уязвимость операционной системы Linux, приводящая к раскрытию информации

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику получить доступ к конфиденциальной информации из памяти ядра

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании или повысить свои привилегии

Уязвимости операционной системы Debian GNU/Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимость операционной системы SUSE Linux Enterprise, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации