The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions. Rated medium severity (CVSS 6.2). Public exploit code available and no vendor patch available.
The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.
arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available.
arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of. Rated medium severity (CVSS 4.7). No vendor patch available.
mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service (i_mutex. Rated medium severity (CVSS 4.7). No vendor patch available.