kernel-default (SUSE:Linux Enterprise Server for SAP Applications 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server for SAP Applications 12 package kernel-default, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (168)
CVE-2015-8104 — CVSS 10.0 (critical): The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host…
CVE-2017-5897 — CVSS 9.8 (critical): The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving…
CVE-2016-9555 — CVSS 9.8 (critical): The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk…
CVE-2016-7117 — CVSS 9.8 (critical): Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to…
CVE-2015-8812 — CVSS 9.8 (critical): drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote…
CVE-2015-3331 — CVSS 9.3 (critical): The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine…
CVE-2016-3134 — CVSS 8.4 (high): The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain…
CVE-2017-2583 — CVSS 8.4 (high): The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL…
CVE-2015-8550 — CVSS 8.2 (high): Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain…
CVE-2015-5364 — CVSS 7.8 (high): The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which…
CVE-2014-9904 — CVSS 7.8 (high): The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not…
CVE-2015-1465 — CVSS 7.8 (high): The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period…
CVE-2015-8539 — CVSS 7.8 (high): The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted…
CVE-2016-0728 — CVSS 7.8 (high): The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a…
CVE-2016-0758 — CVSS 7.8 (high): Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
CVE-2016-10044 — CVSS 7.8 (high): The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for…
CVE-2016-1583 — CVSS 7.8 (high): The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or…
CVE-2016-2143 — CVSS 7.8 (high): The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local…
CVE-2016-3070 — CVSS 7.8 (high): The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with…
CVE-2016-3672 — CVSS 7.8 (high): The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base…
CVE-2016-4565 — CVSS 7.8 (high): The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to…
CVE-2016-4805 — CVSS 7.8 (high): Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of…
CVE-2016-4997 — CVSS 7.8 (high): The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before…
CVE-2016-5828 — CVSS 7.8 (high): The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional…
CVE-2016-5829 — CVSS 7.8 (high): Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3…
CVE-2016-7425 — CVSS 7.8 (high): The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain…
CVE-2016-7910 — CVSS 7.8 (high): Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain…
CVE-2016-7911 — CVSS 7.8 (high): Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or…
CVE-2016-7913 — CVSS 7.8 (high): The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges…
CVE-2016-8632 — CVSS 7.8 (high): The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum…
CVE-2016-8655 — CVSS 7.8 (high): Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of…
CVE-2016-9083 — CVSS 7.8 (high): drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of…
CVE-2016-9084 — CVSS 7.8 (high): drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a…
CVE-2016-9576 — CVSS 7.8 (high): The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator…
CVE-2016-9793 — CVSS 7.8 (high): The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf…
CVE-2016-9794 — CVSS 7.8 (high): Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows…
CVE-2016-9806 — CVSS 7.8 (high): Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a…
CVE-2017-1000111 — CVSS 7.8 (high): Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a…
CVE-2017-5669 — CVSS 7.8 (high): The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding…
CVE-2017-6074 — CVSS 7.8 (high): The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data…
CVE-2017-6345 — CVSS 7.8 (high): The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which…
CVE-2017-7184 — CVSS 7.8 (high): The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an…
CVE-2017-7187 — CVSS 7.8 (high): The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based…
CVE-2017-7294 — CVSS 7.8 (high): The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate…
CVE-2017-7308 — CVSS 7.8 (high): The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size…
CVE-2016-2117 — CVSS 7.5 (high): The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather…
CVE-2016-5244 — CVSS 7.5 (high): The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which…
CVE-2017-5970 — CVSS 7.5 (high): The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service…
CVE-2014-3673 — CVSS 7.5 (high): The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a…
CVE-2017-6214 — CVSS 7.5 (high): The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service…
CVE-2014-3687 — CVSS 7.5 (high): The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows…
CVE-2016-2069 — CVSS 7.4 (high): Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging…
CVE-2017-1000364 — CVSS 7.4 (high): An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can…
CVE-2015-8962 — CVSS 7.3 (high): Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain…
CVE-2015-5157 — CVSS 7.2 (high): arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred…
CVE-2015-4036 — CVSS 7.2 (high): Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to…
CVE-2014-7822 — CVSS 7.2 (high): The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum…
CVE-2015-1805 — CVSS 7.2 (high): The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects…
CVE-2017-2584 — CVSS 7.1 (high): arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a…
CVE-2016-8399 — CVSS 7.0 (high): An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary…
CVE-2015-8543 — CVSS 7.0 (high): The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol…
CVE-2015-8709 — CVSS 7.0 (high): kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by…
CVE-2015-8963 — CVSS 7.0 (high): Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service…
CVE-2016-10088 — CVSS 7.0 (high): The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option…
CVE-2016-10200 — CVSS 7.0 (high): Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a…
CVE-2017-6346 — CVSS 7.0 (high): Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free)…
CVE-2017-7533 — CVSS 7.0 (high): Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of…
CVE-2017-1000112 — CVSS 7.0 (high): Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data()…
CVE-2017-2636 — CVSS 7.0 (high): Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of…
CVE-2014-8159 — CVSS 6.9 (medium): The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not…
CVE-2015-2666 — CVSS 6.9 (medium): Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel…
CVE-2015-2925 — CVSS 6.9 (medium): The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount…
CVE-2015-7613 — CVSS 6.9 (medium): Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an…
CVE-2016-0723 — CVSS 6.8 (medium): Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive…
CVE-2016-8633 — CVSS 6.8 (medium): drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute…
CVE-2016-0774 — CVSS 6.8 (medium): The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before…
CVE-2015-8816 — CVSS 6.8 (medium): The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data…
CVE-2016-2847 — CVSS 6.2 (medium): fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of…
CVE-2015-3339 — CVSS 6.2 (medium): Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by…
CVE-2016-4482 — CVSS 6.2 (medium): The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure…
CVE-2016-7042 — CVSS 6.2 (medium): The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack…
CVE-2015-8785 — CVSS 6.2 (medium): The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service…
CVE-2015-8767 — CVSS 6.2 (medium): net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows…
CVE-2015-5156 — CVSS 6.1 (medium): The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper…
CVE-2015-8956 — CVSS 6.1 (medium): The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive…
CVE-2016-8658 — CVSS 6.1 (medium): Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the…
CVE-2014-9717 — CVSS 6.1 (medium): fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is…
CVE-2015-8551 — CVSS 6.0 (medium): The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest…
CVE-2015-7990 — CVSS 5.8 (medium): Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of…
CVE-2016-6327 — CVSS 5.5 (medium): drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer…
CVE-2015-8964 — CVSS 5.5 (medium): The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive…
CVE-2016-9588 — CVSS 5.5 (medium): arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of…
CVE-2017-2671 — CVSS 5.5 (medium): The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently…
CVE-2014-8559 — CVSS 5.5 (medium): The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows…
CVE-2016-9756 — CVSS 5.5 (medium): arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which…
CVE-2017-7616 — CVSS 5.5 (medium): Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local…
CVE-2017-7261 — CVSS 5.5 (medium): The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a…
CVE-2017-5986 — CVSS 5.5 (medium): Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a…
CVE-2015-1350 — CVSS 5.5 (medium): The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing…
CVE-2015-7550 — CVSS 5.5 (medium): The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows…
CVE-2016-8645 — CVSS 5.5 (medium): The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system…
CVE-2014-3647 — CVSS 5.5 (medium): arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS…
CVE-2016-3156 — CVSS 5.5 (medium): The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a…
CVE-2017-6348 — CVSS 5.5 (medium): The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local…
CVE-2016-6828 — CVSS 5.5 (medium): The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after…
CVE-2016-7914 — CVSS 5.5 (medium): The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a…
CVE-2016-4470 — CVSS 5.5 (medium): The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is…
CVE-2017-6353 — CVSS 5.5 (medium): net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states…
CVE-2016-4569 — CVSS 5.5 (medium): The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure…
CVE-2016-4578 — CVSS 5.5 (medium): sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain…
CVE-2015-8845 — CVSS 5.5 (medium): The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that…
CVE-2016-5243 — CVSS 5.5 (medium): The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain…
CVE-2013-7446 — CVSS 5.3 (medium): Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket…
CVE-2016-6480 — CVSS 5.1 (medium): Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to…
CVE-2014-7841 — CVSS 5.0 (medium): The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is…
CVE-2014-8160 — CVSS 5.0 (medium): net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain…
CVE-2015-0272 — CVSS 5.0 (medium): GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6…
CVE-2015-5366 — CVSS 5.0 (medium): The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which…
CVE-2014-9729 — CVSS 4.9 (medium): The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency…
CVE-2015-6937 — CVSS 4.9 (medium): The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service…
CVE-2015-7799 — CVSS 4.9 (medium): The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid…
CVE-2014-9728 — CVSS 4.9 (medium): The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a…
CVE-2014-9730 — CVSS 4.9 (medium): The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows…
CVE-2015-2150 — CVSS 4.9 (medium): Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow…
CVE-2015-3212 — CVSS 4.9 (medium): Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and…
CVE-2015-3332 — CVSS 4.9 (medium): A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which…
CVE-2015-3636 — CVSS 4.9 (medium): The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an…
CVE-2015-4692 — CVSS 4.9 (medium): The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service…
CVE-2015-5307 — CVSS 4.9 (medium): The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host…
CVE-2016-5696 — CVSS 4.8 (medium): net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier…
CVE-2016-2053 — CVSS 4.7 (medium): The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic)…
CVE-2016-6130 — CVSS 4.7 (medium): Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to…
CVE-2014-8086 — CVSS 4.7 (medium): Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial…
CVE-2015-5283 — CVSS 4.7 (medium): The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps…
CVE-2015-4167 — CVSS 4.7 (medium): The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local…
CVE-2016-2384 — CVSS 4.6 (medium): Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate…
CVE-2016-2188 — CVSS 4.6 (medium): The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to…
CVE-2016-2186 — CVSS 4.6 (medium): The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to…
CVE-2016-2185 — CVSS 4.6 (medium): The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers…
CVE-2015-2041 — CVSS 4.6 (medium): net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain…
CVE-2015-2042 — CVSS 4.6 (medium): net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain…
CVE-2016-3140 — CVSS 4.6 (medium): The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers…
CVE-2016-3138 — CVSS 4.6 (medium): The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a…
CVE-2016-3137 — CVSS 4.6 (medium): drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL…
CVE-2016-3136 — CVSS 4.6 (medium): The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers…
CVE-2015-5707 — CVSS 4.6 (medium): Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to…
CVE-2016-2782 — CVSS 4.6 (medium): The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a…
CVE-2016-2184 — CVSS 4.6 (medium): The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically…
CVE-2016-3951 — CVSS 4.6 (medium): Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a…
CVE-2016-3689 — CVSS 4.6 (medium): The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers…
CVE-2016-3139 — CVSS 4.6 (medium): The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause…
CVE-2015-8552 — CVSS 4.4 (medium): The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest…
CVE-2017-5551 — CVSS 4.4 (medium): The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a…
CVE-2016-7097 — CVSS 4.4 (medium): The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users…
CVE-2016-10208 — CVSS 4.3 (medium): The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which…
CVE-2015-8575 — CVSS 4.0 (medium): The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local…
CVE-2015-2922 — CVSS 3.3 (low): The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the…
CVE-2016-4486 — CVSS 3.3 (low): The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure…
CVE-2015-8569 — CVSS 2.3 (low): The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address…
CVE-2014-9584 — CVSS 2.1 (low): The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the…
CVE-2014-9419 — CVSS 2.1 (low): The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS)…
CVE-2015-5697 — CVSS 2.1 (low): The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which…
CVE-2014-9731 — CVSS 2.1 (low): The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's…
CVE-2015-0777 — CVSS 2.1 (low): drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the…
CVE-2015-7872 — CVSS 2.1 (low): The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service…
CVE-2015-6252 — CVSS 2.1 (low): The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service…
CVE-2015-2830 — CVSS 1.9 (low): arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which…