CVE-2017-8068
- EPSS 0.04%
- Published 23.04.2017 05:59:00
- Last modified 20.04.2025 01:37:25
drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other im...
CVE-2017-8069
- EPSS 0.12%
- Published 23.04.2017 05:59:00
- Last modified 20.04.2025 01:37:25
drivers/net/usb/rtl8150.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other im...
CVE-2017-8070
- EPSS 0.11%
- Published 23.04.2017 05:59:00
- Last modified 20.04.2025 01:37:25
drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impac...
CVE-2017-8071
- EPSS 0.1%
- Published 23.04.2017 05:59:00
- Last modified 20.04.2025 01:37:25
drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service (deadlock) via unspecified vectors.
CVE-2017-8072
- EPSS 0.1%
- Published 23.04.2017 05:59:00
- Last modified 20.04.2025 01:37:25
The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vecto...
CVE-2017-7979
- EPSS 0.04%
- Published 19.04.2017 23:59:00
- Last modified 20.04.2025 01:37:25
The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized memory access and refco...
CVE-2017-7645
- EPSS 16.01%
- Published 18.04.2017 14:59:00
- Last modified 20.04.2025 01:37:25
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.
CVE-2017-7889
- EPSS 0.03%
- Published 17.04.2017 00:59:00
- Last modified 20.04.2025 01:37:25
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access re...
CVE-2016-5856
- EPSS 0.05%
- Published 12.04.2017 22:59:00
- Last modified 20.04.2025 01:37:25
Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857.
CVE-2017-7616
- EPSS 0.08%
- Published 10.04.2017 14:59:00
- Last modified 20.04.2025 01:37:25
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap op...