CVE-2016-1575
- EPSS 0.92%
- Veröffentlicht 02.05.2016 10:59:23
- Zuletzt bearbeitet 06.05.2026 22:30:45
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
CVE-2015-8839
- EPSS 0.35%
- Veröffentlicht 02.05.2016 10:59:22
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized h...
CVE-2015-8830
- EPSS 0.5%
- Veröffentlicht 02.05.2016 10:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of ...
CVE-2015-8746
- EPSS 3.1%
- Veröffentlicht 02.05.2016 10:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted ...
CVE-2015-8324
- EPSS 0.43%
- Veröffentlicht 02.05.2016 10:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a craft...
CVE-2015-4170
- EPSS 0.33%
- Veröffentlicht 02.05.2016 10:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread...
CVE-2015-1350
- EPSS 0.49%
- Veröffentlicht 02.05.2016 10:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a...
CVE-2014-9717
- EPSS 0.33%
- Veröffentlicht 02.05.2016 10:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneat...
CVE-2012-6689
- EPSS 0.31%
- Veröffentlicht 02.05.2016 10:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages.
CVE-2011-5321
- EPSS 0.37%
- Veröffentlicht 02.05.2016 10:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other im...