Vulmon
linux linux kernel 4.8 vulnerabilities and exploits
4.7
CVSSv2
CVE-2019-11190
The Linux kernel prior to 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.
Linux Linux Kernel
2.1
CVSSv2
CVE-2017-5550
Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel prior to 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release d...
Linux Linux Kernel
7.2
CVSSv2
CVE-2016-8636
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel prior to 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impa...
Linux Linux Kernel
7.2
CVSSv2
CVE-2017-5576
Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel prior to 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl...
Linux Linux Kernel
2.1
CVSSv2
CVE-2017-9150
The do_check function in kernel/bpf/verifier.c in the Linux kernel prior to 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system ...
Linux Linux Kernel
1 EDB exploit
4.9
CVSSv2
CVE-2017-7261
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel up to and including 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and po...
Linux Linux Kernel
7.2
CVSSv2
CVE-2017-6347
The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel prior to 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system...
Linux Linux Kernel
7.2
CVSSv2
CVE-2016-9083
drivers/vfio/pci/vfio_pci.c in the Linux kernel up to and including 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SE...
Linux Linux Kernel
4.6
CVSSv2
CVE-2016-9084
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel up to and including 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
Linux Linux Kernel
7.8
CVSSv2
CVE-2017-7618
crypto/ahash.c in the Linux kernel up to and including 4.10.9 allows malicious users to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
Linux Linux Kernel