CVE-2017-0537
- EPSS 1.05%
- Veröffentlicht 08.03.2017 01:59:03
- Zuletzt bearbeitet 13.05.2026 00:24:29
An information disclosure vulnerability in the kernel USB gadget driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged pr...
CVE-2015-2877
- EPSS 0.94%
- Veröffentlicht 03.03.2017 11:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection...
CVE-2016-8660
- EPSS 0.34%
- Veröffentlicht 16.10.2016 21:59:14
- Zuletzt bearbeitet 06.05.2026 22:30:45
The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a "page lock order bug in the XFS seek hole/data...
CVE-2016-2854
- EPSS 0.95%
- Veröffentlicht 02.05.2016 10:59:34
- Zuletzt bearbeitet 06.05.2026 22:30:45
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
CVE-2016-2853
- EPSS 0.91%
- Veröffentlicht 02.05.2016 10:59:33
- Zuletzt bearbeitet 06.05.2026 22:30:45
The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.
CVE-2015-8553
- EPSS 0.38%
- Veröffentlicht 13.04.2016 15:59:07
- Zuletzt bearbeitet 26.05.2026 18:16:35
Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.
CVE-2013-7445
- EPSS 2.73%
- Veröffentlicht 16.10.2015 01:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an applicati...
CVE-2012-4542
- EPSS 0.35%
- Veröffentlicht 28.02.2013 19:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapp...