Skip to main content
CVE-2014-3673 HIGH POC PATCH This Week

The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel Enterprise Linux Enterprise Mrg +6
NVD GitHub
CVSS 3.1
7.5
EPSS
9.1%
CVE-2014-3687 HIGH POC PATCH This Week

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel Enterprise Mrg Ubuntu Linux +7
NVD GitHub
CVSS 3.1
7.5
EPSS
3.7%
CVE-2014-8369 HIGH POC PATCH This Week

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Buffer Overflow Linux Kernel Debian Linux +3
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2014-7826 HIGH POC PATCH This Week

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Null Pointer Dereference Linux Kernel Evergreen +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2014-7825 HIGH POC PATCH This Week

kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Information Disclosure Linux Buffer Overflow Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2014-8652 MEDIUM POC THREAT This Month

Elipse E3 3.x and earlier allows remote attackers to cause a denial of service (application crash and plant outage) via a rapid series of HTTP requests to index.html on TCP port 1681. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.8%.

Denial Of Service E3
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
13.8%
CVE-2014-8559 MEDIUM POC PATCH This Month

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel Ubuntu Linux Suse Linux Enterprise Desktop +6
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2014-3610 MEDIUM POC PATCH This Month

The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Canonical Denial Of Service Linux Linux Kernel Ubuntu Linux +3
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2014-8481 MEDIUM POC PATCH This Month

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.9
EPSS
0.1%
CVE-2014-8480 MEDIUM POC PATCH This Month

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 lacks intended decoder-table flags for certain RIP-relative instructions, which allows guest. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.9
EPSS
0.1%
CVE-2014-3646 MEDIUM PATCH This Month

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Enterprise Linux Ubuntu Linux +3
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2014-3647 MEDIUM PATCH This Month

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Enterprise Linux Ubuntu Linux +3
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2014-3690 MEDIUM PATCH This Month

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Linux Intel Linux Kernel Suse Linux Enterprise Desktop +8
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2014-8709 MEDIUM This Month

The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
5.0
EPSS
1.5%
CVE-2014-7207 MEDIUM This Month

A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Debian Linux Linux Kernel
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2014-3611 MEDIUM PATCH This Month

Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS. Rated medium severity (CVSS 4.7).

Denial Of Service Race Condition Linux Linux Kernel Enterprise Linux +2
NVD GitHub
CVSS 3.1
4.7
EPSS
0.0%
CVE-2014-3645 LOW PATCH Monitor

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy