- EPSS 0.33%
- Veröffentlicht 14.02.2017 06:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values (as distinguished from PID values inside a PID namespace) by reading the /proc/timer_list file, related to the pr...
CVE-2017-5972
- EPSS 23.89%
- Veröffentlicht 14.02.2017 06:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many TCP SYN packet...
- EPSS 0.42%
- Veröffentlicht 28.12.2016 07:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 30955111.
- EPSS 0.43%
- Veröffentlicht 28.12.2016 07:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 31095224.
CVE-2015-8970
- EPSS 0.5%
- Veröffentlicht 28.11.2016 03:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer der...
CVE-2015-8952
- EPSS 0.45%
- Veröffentlicht 16.10.2016 21:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use ...
CVE-2016-6198
- EPSS 0.61%
- Veröffentlicht 06.08.2016 20:59:13
- Zuletzt bearbeitet 06.05.2026 22:30:45
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related t...
CVE-2016-6197
- EPSS 0.49%
- Veröffentlicht 06.08.2016 20:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of serv...
CVE-2016-2854
- EPSS 0.95%
- Veröffentlicht 02.05.2016 10:59:34
- Zuletzt bearbeitet 06.05.2026 22:30:45
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
CVE-2016-2853
- EPSS 0.91%
- Veröffentlicht 02.05.2016 10:59:33
- Zuletzt bearbeitet 06.05.2026 22:30:45
The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.