Filtered by vendor Linux
Subscribe
Total
5378 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10074 | 1 Linux | 1 Linux Kernel | 2018-05-22 | 4.9 MEDIUM | 5.5 MEDIUM |
| The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service (NULL pointer dereference) by triggering a failure of resource retrieval. | |||||
| CVE-2018-8049 | 3 Ibm, Linux, Unisys | 3 Aix, Linux Kernel, Stealth Svg | 2018-05-21 | 5.0 MEDIUM | 7.5 HIGH |
| The Stealth endpoint in Unisys Stealth SVG 2.8.x, 3.0.x before 3.0.1999, 3.1.x, 3.2.x before 3.2.030, and 3.3.x before 3.3.016, when running on Linux and AIX, allows remote attackers to cause a denial of service (crash) via crafted packets. | |||||
| CVE-2018-1091 | 1 Linux | 1 Linux Kernel | 2018-05-09 | 4.9 MEDIUM | 5.5 MEDIUM |
| In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service. | |||||
| CVE-2016-9191 | 1 Linux | 1 Linux Kernel | 2018-05-09 | 4.9 MEDIUM | 5.5 MEDIUM |
| The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity. | |||||
| CVE-2002-1380 | 1 Linux | 1 Linux Kernel | 2018-05-02 | 2.1 LOW | N/A |
| Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface. | |||||
| CVE-2003-0501 | 1 Linux | 1 Linux Kernel | 2018-05-02 | 2.1 LOW | N/A |
| The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries. | |||||
| CVE-2003-0476 | 1 Linux | 1 Linux Kernel | 2018-05-02 | 2.1 LOW | N/A |
| The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors. | |||||
| CVE-2003-0127 | 1 Linux | 1 Linux Kernel | 2018-05-02 | 7.2 HIGH | N/A |
| The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | |||||
| CVE-2004-1016 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2018-05-02 | 2.1 LOW | N/A |
| The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition. | |||||
| CVE-2004-1137 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2018-05-02 | 10.0 HIGH | N/A |
| Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. | |||||
| CVE-2017-18224 | 1 Linux | 1 Linux Kernel | 2018-05-02 | 1.9 LOW | 4.7 MEDIUM |
| In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field. | |||||
| CVE-2004-0427 | 1 Linux | 1 Linux Kernel | 2018-05-02 | 2.1 LOW | N/A |
| The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call. | |||||
| CVE-2004-0424 | 3 Linux, Sgi, Slackware | 3 Linux Kernel, Propack, Slackware Linux | 2018-05-02 | 7.2 HIGH | N/A |
| Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | |||||
| CVE-2004-0077 | 4 Linux, Netwosix, Redhat and 1 more | 7 Linux Kernel, Netwosix Linux, Bigmem Kernel and 4 more | 2018-05-02 | 7.2 HIGH | N/A |
| The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985. | |||||
| CVE-2003-0985 | 1 Linux | 1 Linux Kernel | 2018-05-02 | 7.2 HIGH | N/A |
| The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077. | |||||
| CVE-2013-2929 | 1 Linux | 1 Linux Kernel | 2018-04-27 | 3.3 LOW | N/A |
| The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h. | |||||
| CVE-2017-17741 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2018-04-24 | 2.1 LOW | 6.5 MEDIUM |
| The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h. | |||||
| CVE-2017-16994 | 1 Linux | 1 Linux Kernel | 2018-04-24 | 2.1 LOW | 5.5 MEDIUM |
| The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call. | |||||
| CVE-2018-3626 | 3 Intel, Linux, Microsoft | 3 Sgx Sdk, Linux Kernel, Windows | 2018-04-18 | 1.9 LOW | 4.7 MEDIUM |
| Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information. | |||||
| CVE-2017-14140 | 1 Linux | 1 Linux Kernel | 2018-04-11 | 2.1 LOW | 5.5 MEDIUM |
| The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR. | |||||