CVE-2016-2117
- EPSS 6.39%
- Veröffentlicht 02.05.2016 10:59:27
- Zuletzt bearbeitet 06.05.2026 22:30:45
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.
CVE-2016-1576
- EPSS 1.06%
- Veröffentlicht 02.05.2016 10:59:24
- Zuletzt bearbeitet 06.05.2026 22:30:45
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted s...
CVE-2016-1575
- EPSS 0.92%
- Veröffentlicht 02.05.2016 10:59:23
- Zuletzt bearbeitet 06.05.2026 22:30:45
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
CVE-2015-8839
- EPSS 0.35%
- Veröffentlicht 02.05.2016 10:59:22
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized h...
CVE-2015-8325
- EPSS 0.63%
- Veröffentlicht 01.05.2016 01:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted...
CVE-2016-3672
- EPSS 1.17%
- Veröffentlicht 27.04.2016 17:59:27
- Zuletzt bearbeitet 06.05.2026 22:30:45
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, a...
CVE-2016-3156
- EPSS 0.55%
- Veröffentlicht 27.04.2016 17:59:26
- Zuletzt bearbeitet 06.05.2026 22:30:45
The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.
CVE-2016-3135
- EPSS 1.01%
- Veröffentlicht 27.04.2016 17:59:23
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLA...
CVE-2016-2383
- EPSS 0.37%
- Veröffentlicht 27.04.2016 17:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and th...
CVE-2016-2184
- EPSS 1.95%
- Veröffentlicht 27.04.2016 17:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) v...