CVE-2016-6156
- EPSS 0.27%
- Veröffentlicht 06.08.2016 20:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access) by changing a certain size value, aka a "double f...
CVE-2016-6136
- EPSS 0.27%
- Veröffentlicht 06.08.2016 20:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "doubl...
CVE-2016-5696
- EPSS 15.07%
- Veröffentlicht 06.08.2016 20:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
CVE-2016-5412
- EPSS 0.35%
- Veröffentlicht 06.08.2016 20:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the ...
CVE-2016-5400
- EPSS 0.37%
- Veröffentlicht 06.08.2016 20:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL...
CVE-2016-3841
- EPSS 0.3%
- Veröffentlicht 06.08.2016 20:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.
CVE-2016-3070
- EPSS 0.42%
- Veröffentlicht 06.08.2016 20:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash)...
CVE-2014-9900
- EPSS 0.52%
- Veröffentlicht 06.08.2016 10:59:44
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive infor...
CVE-2014-9895
- EPSS 0.72%
- Veröffentlicht 06.08.2016 10:59:39
- Zuletzt bearbeitet 06.05.2026 22:30:45
drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a c...
CVE-2014-9892
- EPSS 0.5%
- Veröffentlicht 06.08.2016 10:59:35
- Zuletzt bearbeitet 06.05.2026 22:30:45
The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to o...