2016 VULNERABILITY DATABASE
CVE-2015-8746
Summary: fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic.
Published: 5/2/2016 6:59:19 AM
CVSS Severity: v3 - 7.5 HIGH v2 - 5.0 MEDIUM
CVE-2015-8324
Summary: The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function.
Published: 5/2/2016 6:59:18 AM
CVSS Severity: v3 - 4.6 MEDIUM v2 - 4.9 MEDIUM
CVE-2015-8019
Summary: The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call.
Published: 5/2/2016 6:59:17 AM
CVSS Severity: v3 - 7.8 HIGH v2 - 7.2 HIGH
CVE-2015-4178
Summary: The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h.
Published: 5/2/2016 6:59:16 AM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 4.9 MEDIUM
CVE-2015-4177
Summary: The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call.
Published: 5/2/2016 6:59:15 AM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 4.9 MEDIUM
CVE-2015-4176
Summary: fs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory.
Published: 5/2/2016 6:59:13 AM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 2.1 LOW
CVE-2015-4170
Summary: Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a previous tty thread.
Published: 5/2/2016 6:59:12 AM
CVSS Severity: v3 - 4.7 MEDIUM v2 - 4.7 MEDIUM
CVE-2015-2686
Summary: net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for (1) sendto and (2) recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copy_from_iter function in the iov_iter interface, as demonstrated by the Bluetooth subsystem.
Published: 5/2/2016 6:59:11 AM
CVSS Severity: v3 - 7.8 HIGH v2 - 7.2 HIGH
CVE-2015-2672
Summary: The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cause a denial of service (panic) by triggering a fault, as demonstrated by an unaligned memory operand or a non-canonical address memory operand.
Published: 5/2/2016 6:59:10 AM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 4.9 MEDIUM
CVE-2015-1573
Summary: The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability.
Published: 5/2/2016 6:59:08 AM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 4.9 MEDIUM
CVE-2015-1350
Summary: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.
Published: 5/2/2016 6:59:07 AM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 2.1 LOW
CVE-2014-9717
Summary: fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace.
Published: 5/2/2016 6:59:06 AM
CVSS Severity: v3 - 6.1 MEDIUM v2 - 3.6 LOW
CVE-2012-6701
Summary: Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.
Published: 5/2/2016 6:59:05 AM
CVSS Severity: v3 - 7.8 HIGH v2 - 7.2 HIGH
CVE-2012-6689
Summary: The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages.
Published: 5/2/2016 6:59:03 AM
CVSS Severity: v3 - 7.8 HIGH v2 - 7.2 HIGH
CVE-2011-5321
Summary: The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted access to a device file under the /dev/pts directory.
Published: 5/2/2016 6:59:02 AM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 4.9 MEDIUM
CVE-2008-7316
Summary: mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault for an iovec of nonzero length.
Published: 5/2/2016 6:59:01 AM
CVSS Severity: v3 - 5.5 MEDIUM v2 - 2.1 LOW
CVE-2003-1604
Summary: The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending packets to an interface that has a 0.0.0.0 IP address, a related issue to CVE-2015-8787.
Published: 5/2/2016 6:59:00 AM
CVSS Severity: v3 - 7.5 HIGH v2 - 7.8 HIGH
CVE-2016-4421
Summary: epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (deep recursion, stack consumption, and application crash) via a packet that specifies deeply nested data.
Published: 4/30/2016 9:59:07 PM
CVSS Severity: v3 - 5.9 MEDIUM v2 - 4.3 MEDIUM
CVE-2016-4420
Summary: The NFS dissector in Wireshark 2.x before 2.0.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Published: 4/30/2016 9:59:06 PM
CVSS Severity: v3 - 5.9 MEDIUM v2 - 4.3 MEDIUM
CVE-2016-4419
Summary: epan/dissectors/packet-spice.c in the SPICE dissector in Wireshark 2.x before 2.0.2 mishandles capability data, which allows remote attackers to cause a denial of service (large loop) via a crafted packet.
Published: 4/30/2016 9:59:05 PM
CVSS Severity: v3 - 5.9 MEDIUM v2 - 4.3 MEDIUM