Linux Kernel CVE Statistics
30 Linux Kernel CVEs in April 2016
Full month · Source: NIST NVD
In April 2016, 30 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 1 was rated Critical, 6 were rated High severity and 23 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. April's 30 CVEs represent 13% of all 2016 Linux kernel CVEs , up from March's 2 (a 1400% month-over-month increase) .
30
Total CVEs
1
Critical
6
High
23
Medium
0
Low
0
KEV Exploited
All CVEs — April 2016
30 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2015-8812 | linux | Critical | 9.8 | 2016-04-27 | drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which… | |
| CVE-2016-3134 | linux | High | 8.4 | 2016-04-27 | The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local u… | |
| CVE-2016-2143 | linux | High | 7.8 | 2016-04-27 | The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels,… | |
| CVE-2016-3672 | linux | High | 7.8 | 2016-04-27 | The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize … | |
| CVE-2016-3135 | linux | High | 7.8 | 2016-04-27 | Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 3… | |
| CVE-2016-3157 | linux | High | 7.8 | 2016-04-12 | The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 6… | |
| CVE-2016-2069 | linux | High | 7.4 | 2016-04-27 | Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggerin… | |
| CVE-2015-8816 | linux | Medium | 6.8 | 2016-04-27 | The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-i… | |
| CVE-2016-0774 | linux | Medium | 6.8 | 2016-04-27 | The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux packa… | |
| CVE-2016-2548 | linux | Medium | 6.2 | 2016-04-27 | sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which al… | |
| CVE-2015-1339 | linux | Medium | 6.2 | 2016-04-27 | Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to… | |
| CVE-2016-2543 | linux | Medium | 6.2 | 2016-04-27 | The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not ve… | |
| CVE-2016-2549 | linux | Medium | 6.2 | 2016-04-27 | sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local us… | |
| CVE-2016-2847 | linux | Medium | 6.2 | 2016-04-27 | fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to… | |
| CVE-2016-2550 | linux | Medium | 5.5 | 2016-04-27 | The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial of service (memory c… |