Skip to main content
CVE-2016-7910 HIGH POC PATCH This Week

Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Memory Corruption Linux Use After Free Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2016-9318 MEDIUM POC PATCH This Month

libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

XXE Libxml2 Ubuntu Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2016-7913 HIGH PATCH This Week

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Linux Use After Free Linux Kernel +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2016-7912 HIGH PATCH This Week

Use-after-free vulnerability in the ffs_user_copy_worker function in drivers/usb/gadget/function/f_fs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Linux Use After Free Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2016-7911 HIGH PATCH This Week

Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Race Condition Linux Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2015-8961 HIGH PATCH This Week

The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Linux Use After Free Linux Kernel
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2015-8962 HIGH PATCH This Week

Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Linux Buffer Overflow Linux Kernel
NVD GitHub
CVSS 3.1
7.3
EPSS
0.3%
CVE-2015-8963 HIGH PATCH This Week

Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Denial Of Service Race Condition Linux Linux Kernel
NVD GitHub
CVSS 3.1
7.0
EPSS
0.1%
CVE-2016-7915 MEDIUM PATCH This Month

The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Information Disclosure Linux Buffer Overflow Linux Kernel
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2016-7914 MEDIUM PATCH This Month

The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Information Disclosure Linux Buffer Overflow Linux Kernel
NVD GitHub
CVSS 3.0
5.5
EPSS
0.2%
CVE-2015-8964 MEDIUM PATCH This Month

The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-7916 MEDIUM PATCH This Month

Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Race Condition Linux Linux Kernel
NVD GitHub
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-7917 MEDIUM PATCH This Month

The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Information Disclosure Linux Buffer Overflow Linux Kernel
NVD GitHub
CVSS 3.0
5.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy