Skip to main content

Suse Linux Enterprise Real Time Extension

34 CVEs product

Monthly

CVE-2016-4997 HIGH POC PATCH Act Now

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Privilege Escalation Linux Buffer Overflow Linux Kernel +9
NVD GitHub Exploit-DB
CVSS 3.1
7.8
EPSS
4.8%
CVE-2016-5829 HIGH PATCH This Week

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Buffer Overflow Debian Linux Linux Kernel +2
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-5828 HIGH PATCH This Week

The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Suse Linux Enterprise Real Time Extension Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-4470 MEDIUM PATCH This Month

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Vm Server Linux Kernel Suse Linux Enterprise Real Time Extension +10
NVD GitHub
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-3707 HIGH This Week

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Red Hat Linux Authentication Bypass Linux Kernel Rt Enterprise Linux For Real Time +2
NVD
CVSS 3.0
8.1
EPSS
1.8%
CVE-2014-9904 HIGH PATCH This Week

The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Debian Linux Suse Linux Enterprise Real Time Extension
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2016-4805 HIGH PATCH This Week

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Denial Of Service Use After Free Linux Buffer Overflow +11
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-4569 MEDIUM PATCH This Month

The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Linux Kernel Ubuntu Linux Suse Linux Enterprise Software Development Kit +7
NVD GitHub
CVSS 3.0
5.5
EPSS
0.3%
CVE-2016-4486 LOW POC PATCH Monitor

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Debuginfo Suse Linux Enterprise Desktop +7
NVD Exploit-DB GitHub
CVSS 3.0
3.3
EPSS
0.5%
CVE-2016-4482 MEDIUM PATCH This Month

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Ubuntu Linux Linux Kernel Suse Linux Enterprise Software Development Kit +8
NVD GitHub
CVSS 3.0
6.2
EPSS
0.0%
CVE-2016-3951 MEDIUM PATCH This Month

Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Ubuntu Linux Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop +6
NVD GitHub
CVSS 3.0
4.6
EPSS
0.0%
CVE-2016-3689 MEDIUM PATCH This Month

The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop Suse Linux Enterprise Live Patching +6
NVD GitHub
CVSS 3.0
4.6
EPSS
0.1%
CVE-2016-3140 MEDIUM POC This Month

The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Ubuntu Linux Linux Kernel Suse Linux Enterprise Software Development Kit +7
NVD GitHub Exploit-DB
CVSS 3.0
4.6
EPSS
0.2%
CVE-2016-3138 MEDIUM This Month

The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash). Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Linux Linux Kernel Ubuntu Linux Suse Linux Enterprise Software Development Kit +7
NVD GitHub
CVSS 3.0
4.6
EPSS
0.0%
CVE-2016-3137 MEDIUM This Month

drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Debuginfo Suse Linux Enterprise Desktop +7
NVD GitHub
CVSS 3.0
4.6
EPSS
0.0%
CVE-2016-3136 MEDIUM POC This Month

The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Linux Kernel Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop +6
NVD GitHub Exploit-DB
CVSS 3.0
4.6
EPSS
0.2%
CVE-2016-2188 MEDIUM POC PATCH This Month

The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Debuginfo Suse Linux Enterprise Desktop +7
NVD Exploit-DB GitHub
CVSS 3.0
4.6
EPSS
0.1%
CVE-2016-2186 MEDIUM POC PATCH This Month

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Debuginfo +7
NVD GitHub
CVSS 3.0
4.6
EPSS
0.0%
CVE-2016-2185 MEDIUM POC PATCH This Month

The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Ubuntu Linux Linux Kernel Suse Linux Enterprise Software Development Kit +7
NVD GitHub
CVSS 3.0
4.6
EPSS
0.0%
CVE-2016-3672 HIGH POC PATCH This Week

The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Authentication Bypass Ubuntu Linux Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Desktop +6
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-3156 MEDIUM PATCH This Month

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Debuginfo Suse Linux Enterprise Desktop +7
NVD GitHub
CVSS 3.0
5.5
EPSS
0.0%
CVE-2016-3139 MEDIUM POC This Month

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Debuginfo Suse Linux Enterprise Desktop +6
NVD GitHub Exploit-DB
CVSS 3.0
4.6
EPSS
0.1%
CVE-2016-3134 HIGH POC This Week

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption). Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Buffer Overflow Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Debuginfo +7
NVD GitHub Exploit-DB
CVSS 3.0
8.4
EPSS
0.0%
CVE-2016-2847 MEDIUM PATCH This Month

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Debuginfo +6
NVD GitHub
CVSS 3.0
6.2
EPSS
0.1%
CVE-2016-2384 MEDIUM POC PATCH This Month

Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel Suse Linux Enterprise Real Time Extension
NVD GitHub Exploit-DB
CVSS 3.0
4.6
EPSS
9.0%
CVE-2016-2184 MEDIUM POC PATCH This Month

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel Ubuntu Linux Suse Linux Enterprise Software Development Kit +7
NVD Exploit-DB GitHub
CVSS 3.0
4.6
EPSS
0.1%
CVE-2015-8845 MEDIUM PATCH This Month

The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Authentication Bypass Linux Kernel Suse Linux Enterprise Live Patching +6
NVD GitHub
CVSS 3.0
5.5
EPSS
0.1%
CVE-2015-8816 MEDIUM PATCH This Month

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Debuginfo Suse Linux Enterprise Desktop +8
NVD GitHub
CVSS 3.1
6.8
EPSS
0.1%
CVE-2015-8812 CRITICAL PATCH Act Now

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service RCE Linux Suse Linux Enterprise Real Time Extension Linux Kernel +1
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2015-1339 MEDIUM PATCH This Month

Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Suse Linux Enterprise Debuginfo Suse Linux Enterprise Real Time Extension
NVD GitHub
CVSS 3.0
6.2
EPSS
0.0%
CVE-2015-8550 HIGH Act Now

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Epss exploitation probability 16.0% and no vendor patch available.

Denial Of Service Authentication Bypass Xen Suse Linux Enterprise Real Time Extension
NVD
CVSS 3.0
8.2
EPSS
16.0%
CVE-2015-8552 MEDIUM This Month

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen Ubuntu Linux Debian Linux Suse Linux Enterprise Debuginfo +1
NVD
CVSS 3.0
4.4
EPSS
0.2%
CVE-2015-7566 MEDIUM POC This Month

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit Suse Linux Enterprise Debuginfo Suse Linux Enterprise Real Time Extension +2
NVD GitHub Exploit-DB
CVSS 3.0
4.6
EPSS
0.5%
CVE-2015-7833 MEDIUM POC This Month

The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Red Hat Linux Suse Linux Enterprise Real Time Extension Enterprise Linux
NVD
CVSS 2.0
4.9
EPSS
0.2%
EPSS 5% CVSS 7.8
HIGH POC PATCH Act Now

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Privilege Escalation Linux +11
NVD GitHub Exploit-DB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Buffer Overflow +4
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Vm Server +12
NVD GitHub
EPSS 2% CVSS 8.1
HIGH This Week

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Red Hat Linux Authentication Bypass +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Denial Of Service Use After Free +13
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Linux Kernel +9
NVD GitHub
EPSS 1% CVSS 3.3
LOW POC PATCH Monitor

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Suse Linux Enterprise Software Development Kit +9
NVD Exploit-DB GitHub
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Ubuntu Linux +10
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Ubuntu Linux +8
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit +8
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM POC This Month

The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Ubuntu Linux +9
NVD GitHub Exploit-DB
EPSS 0% CVSS 4.6
MEDIUM This Month

The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash). Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Linux Linux Kernel +9
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM This Month

drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit +9
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM POC This Month

The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Linux Kernel +8
NVD GitHub Exploit-DB
EPSS 0% CVSS 4.6
MEDIUM POC PATCH This Month

The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit +9
NVD Exploit-DB GitHub
EPSS 0% CVSS 4.6
MEDIUM POC PATCH This Month

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel +9
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM POC PATCH This Month

The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Ubuntu Linux +9
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Authentication Bypass Ubuntu Linux +8
NVD GitHub Exploit-DB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit +9
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM POC This Month

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit +8
NVD GitHub Exploit-DB
EPSS 0% CVSS 8.4
HIGH POC This Week

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption). Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Buffer Overflow +9
NVD GitHub Exploit-DB
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel +8
NVD GitHub
EPSS 9% CVSS 4.6
MEDIUM POC PATCH This Month

Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel +1
NVD GitHub Exploit-DB
EPSS 0% CVSS 4.6
MEDIUM POC PATCH This Month

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel +9
NVD Exploit-DB GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Authentication Bypass +8
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit +10
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service RCE Linux +3
NVD GitHub
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel +2
NVD GitHub
EPSS 16% CVSS 8.2
HIGH Act Now

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Epss exploitation probability 16.0% and no vendor patch available.

Denial Of Service Authentication Bypass Xen +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen Ubuntu Linux +3
NVD
EPSS 0% CVSS 4.6
MEDIUM POC This Month

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Suse Linux Enterprise Software Development Kit +4
NVD GitHub Exploit-DB
EPSS 0% CVSS 4.9
MEDIUM POC This Month

The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Red Hat Linux +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy