Linux Kernel CVE Statistics
14 Linux Kernel CVEs in March 2015
Full month · Source: NIST NVD
In March 2015, 14 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 4 were rated High severity and 6 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. March's 14 CVEs represent 16% of all 2015 Linux kernel CVEs , up from February's 1 (a 1300% month-over-month increase) .
14
Total CVEs
0
Critical
4
High
6
Medium
4
Low
0
KEV Exploited
All CVEs — March 2015
14 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2015-1421 | linux | High | 10.0 | 2015-03-16 | Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.… | |
| CVE-2014-7822 | linux | High | 7.2 | 2015-03-16 | The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restricti… | |
| CVE-2014-8173 | linux | High | 7.2 | 2015-03-16 | The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NU… | |
| CVE-2015-0274 | linux | High | 7.2 | 2015-03-16 | The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replac… | |
| CVE-2014-8159 | linux | Medium | 6.9 | 2015-03-16 | The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL… | |
| CVE-2015-1593 | linux | Medium | 5.0 | 2015-03-16 | The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the… | |
| CVE-2014-8160 | linux | Medium | 5.0 | 2015-03-02 | net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during… | |
| CVE-2014-8172 | linux | Medium | 4.9 | 2015-03-16 | The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an ina… | |
| CVE-2015-2150 | linux | Medium | 4.9 | 2015-03-12 | Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, w… | |
| CVE-2015-0239 | linux | Medium | 4.4 | 2015-03-02 | The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER … | |
| CVE-2014-9683 | linux | Low | 3.6 | 2015-03-03 | Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the… | |
| CVE-2013-7421 | linux | Low | 2.1 | 2015-03-02 | The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system … | |
| CVE-2014-9644 | linux | Low | 2.1 | 2015-03-02 | The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system … | |
| CVE-2015-1420 | linux | Low | 1.9 | 2015-03-16 | Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to … |