The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Linux kernel

computer vulnerability note CVE-2016-9588

Linux kernel: denial of service via KVM

Synthesis of the vulnerability

An attacker inside a guest system, on a host using nested KVM virtualization, can generate a fatal error in the Linux kernel, in order to trigger a denial of service on the host system.
Impacted products: Debian, Fedora, QRadar SIEM, Linux, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 15/12/2016.
Identifiers: 2011746, CERTFR-2017-AVI-058, CERTFR-2017-AVI-162, CERTFR-2018-AVI-557, CVE-2016-9588, DLA-849-1, DSA-3804-1, FEDORA-2016-2b1f91e9bd, FEDORA-2016-dd895763ac, RHSA-2017:1842-01, RHSA-2017:2077-01, SUSE-SU-2017:1247-1, SUSE-SU-2017:1360-1, USN-3208-1, USN-3208-2, USN-3209-1, USN-3822-1, USN-3822-2, VIGILANCE-VUL-21389.


vulnerability note CVE-2016-8399

Linux kernel: out-of-bounds memory reading via ICMP Header

Synthesis of the vulnerability

An attacker can force a read at an invalid address via an ICMP header in the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, Android OS, Linux, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 12/12/2016.
Identifiers: CERTFR-2017-AVI-034, CERTFR-2017-AVI-039, CERTFR-2017-AVI-042, CERTFR-2017-AVI-044, CERTFR-2017-AVI-045, CERTFR-2017-AVI-050, CERTFR-2017-AVI-053, CERTFR-2017-AVI-054, CERTFR-2017-AVI-131, CERTFR-2017-AVI-375, CVE-2016-8399, DLA-772-1, FEDORA-2016-02db2f32fd, FEDORA-2016-e5b72816d0, K23030550, RHSA-2017:0817-01, RHSA-2017:0869-01, RHSA-2017:2930-01, RHSA-2017:2931-01, SUSE-SU-2017:0333-1, SUSE-SU-2017:0407-1, SUSE-SU-2017:0437-1, SUSE-SU-2017:0464-1, SUSE-SU-2017:0471-1, SUSE-SU-2017:0494-1, SUSE-SU-2017:1102-1, USN-3189-1, USN-3189-2, USN-3190-1, USN-3190-2, VIGILANCE-VUL-21354.


computer vulnerability note CVE-2016-9576

Linux kernel: memory corruption via blk_rq_map_user_iov

Synthesis of the vulnerability

An attacker can generate a memory corruption via blk_rq_map_user_iov() in the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, QRadar SIEM, Linux, openSUSE, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: administrator access/rights, data reading, denial of service on server.
Provenance: user shell.
Creation date: 09/12/2016.
Identifiers: 2011746, CERTFR-2016-AVI-420, CERTFR-2017-AVI-042, CERTFR-2017-AVI-131, CERTFR-2017-AVI-287, CVE-2016-9576, DLA-772-1, FEDORA-2016-107f03cc00, FEDORA-2016-5aff4a6bbc, FEDORA-2016-5cb5b4082d, K05513373, openSUSE-SU-2016:3085-1, openSUSE-SU-2016:3086-1, openSUSE-SU-2016:3118-1, RHSA-2017:0817-01, RHSA-2017:1842-01, RHSA-2017:2077-01, RHSA-2017:2669-01, SUSE-SU-2016:3146-1, SUSE-SU-2016:3188-1, SUSE-SU-2016:3203-1, SUSE-SU-2016:3217-1, SUSE-SU-2016:3248-1, SUSE-SU-2016:3252-1, SUSE-SU-2017:0407-1, SUSE-SU-2017:1102-1, VIGILANCE-VUL-21339.


computer vulnerability announce CVE-2016-7916

Linux kernel: information disclosure via environ_read

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via environ_read() in the Linux kernel, in order to obtain sensitive information.
Impacted products: Linux, openSUSE, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 09/12/2016.
Identifiers: CERTFR-2016-AVI-426, CERTFR-2017-AVI-034, CERTFR-2017-AVI-044, CERTFR-2017-AVI-054, CERTFR-2017-AVI-131, CVE-2016-7916, openSUSE-SU-2016:3061-1, SUSE-SU-2017:0333-1, SUSE-SU-2017:0437-1, SUSE-SU-2017:0494-1, SUSE-SU-2017:1102-1, USN-3159-1, USN-3159-2, USN-3160-1, USN-3160-2, VIGILANCE-VUL-21337.


computer vulnerability alert CVE-2016-7914

Linux kernel: information disclosure via assoc_array_insert_into_terminal_node

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via assoc_array_insert_into_terminal_node() in the Linux kernel, in order to obtain sensitive information.
Impacted products: Linux, openSUSE, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 09/12/2016.
Identifiers: CERTFR-2017-AVI-042, CERTFR-2017-AVI-050, CERTFR-2017-AVI-053, CERTFR-2017-AVI-275, CVE-2016-7914, openSUSE-SU-2016:3061-1, SUSE-SU-2017:0407-1, SUSE-SU-2017:0464-1, SUSE-SU-2017:0471-1, USN-3406-1, USN-3406-2, VIGILANCE-VUL-21336.


computer vulnerability CVE-2016-7911

Linux kernel: use after free via get_task_ioprio

Synthesis of the vulnerability

An attacker can force the use of a freed memory area via get_task_ioprio() in the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Linux, openSUSE, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server.
Provenance: user shell.
Creation date: 09/12/2016.
Identifiers: CERTFR-2017-AVI-034, CERTFR-2017-AVI-042, CERTFR-2017-AVI-044, CERTFR-2017-AVI-050, CERTFR-2017-AVI-053, CERTFR-2017-AVI-054, CERTFR-2017-AVI-058, CERTFR-2017-AVI-131, CVE-2016-7911, DLA-772-1, openSUSE-SU-2016:3061-1, SUSE-SU-2017:0333-1, SUSE-SU-2017:0407-1, SUSE-SU-2017:0437-1, SUSE-SU-2017:0464-1, SUSE-SU-2017:0471-1, SUSE-SU-2017:0494-1, SUSE-SU-2017:1102-1, USN-3206-1, USN-3207-1, USN-3207-2, VIGILANCE-VUL-21335.


vulnerability note CVE-2016-7910

Linux kernel: use after free via disk_seqf_stop

Synthesis of the vulnerability

An attacker can force the use of a freed memory area via disk_seqf_stop() in the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server.
Provenance: user shell.
Creation date: 09/12/2016.
Identifiers: CERTFR-2017-AVI-034, CERTFR-2017-AVI-042, CERTFR-2017-AVI-044, CERTFR-2017-AVI-050, CERTFR-2017-AVI-053, CERTFR-2017-AVI-054, CERTFR-2017-AVI-058, CERTFR-2017-AVI-131, CVE-2016-7910, DLA-772-1, openSUSE-SU-2016:3061-1, RHSA-2017:0892-01, RHSA-2017:1297-01, RHSA-2017:1298-01, RHSA-2017:1308-01, SUSE-SU-2017:0333-1, SUSE-SU-2017:0407-1, SUSE-SU-2017:0437-1, SUSE-SU-2017:0464-1, SUSE-SU-2017:0471-1, SUSE-SU-2017:0494-1, SUSE-SU-2017:1102-1, USN-3206-1, USN-3207-1, USN-3207-2, VIGILANCE-VUL-21334.


vulnerability announce CVE-2016-7913

Linux kernel: use after free via xc2028_set_config

Synthesis of the vulnerability

An attacker can force the use of a freed memory area via xc2028_set_config() in the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Linux, openSUSE, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server.
Provenance: user shell.
Creation date: 08/12/2016.
Identifiers: CERTFR-2017-AVI-016, CERTFR-2017-AVI-042, CERTFR-2017-AVI-050, CERTFR-2017-AVI-053, CERTFR-2017-AVI-169, CERTFR-2018-AVI-508, CVE-2016-7913, openSUSE-SU-2016:3058-1, openSUSE-SU-2016:3061-1, RHSA-2018:0676-01, RHSA-2018:1062-01, RHSA-2019:1170-01, RHSA-2019:1190-01, SUSE-SU-2017:0181-1, SUSE-SU-2017:0407-1, SUSE-SU-2017:0464-1, SUSE-SU-2017:0471-1, USN-3312-1, USN-3312-2, USN-3798-1, USN-3798-2, VIGILANCE-VUL-21332.


vulnerability alert CVE-2015-8963

Linux kernel: use after free via swevent

Synthesis of the vulnerability

An attacker can force the use of a freed memory area via swevent in the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Linux, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server.
Provenance: user shell.
Creation date: 08/12/2016.
Identifiers: CERTFR-2017-AVI-042, CERTFR-2017-AVI-050, CERTFR-2017-AVI-053, CERTFR-2017-AVI-233, CVE-2015-8963, DLA-772-1, openSUSE-SU-2016:3058-1, openSUSE-SU-2016:3061-1, SUSE-SU-2017:0407-1, SUSE-SU-2017:0464-1, SUSE-SU-2017:0471-1, USN-3360-1, USN-3360-2, VIGILANCE-VUL-21331.


vulnerability CVE-2015-8962

Linux kernel: use after free via sg_common_write

Synthesis of the vulnerability

An attacker can force the use of a freed memory area via sg_common_write() in the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Linux, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 08/12/2016.
Identifiers: CERTFR-2017-AVI-034, CERTFR-2017-AVI-042, CERTFR-2017-AVI-044, CERTFR-2017-AVI-050, CERTFR-2017-AVI-053, CERTFR-2017-AVI-054, CERTFR-2017-AVI-131, CERTFR-2017-AVI-233, CVE-2015-8962, DLA-772-1, openSUSE-SU-2016:3058-1, openSUSE-SU-2016:3061-1, SUSE-SU-2017:0333-1, SUSE-SU-2017:0407-1, SUSE-SU-2017:0437-1, SUSE-SU-2017:0464-1, SUSE-SU-2017:0471-1, SUSE-SU-2017:0494-1, SUSE-SU-2017:1102-1, USN-3360-1, USN-3360-2, VIGILANCE-VUL-21330.
