Linux Kernel CVE Statistics
21 Linux Kernel CVEs in December 2016
Full month · Source: NIST NVD
In December 2016, 21 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 15 were rated High severity and 6 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. December's 21 CVEs represent 9% of all 2016 Linux kernel CVEs , down from November's 30 (a 30% month-over-month decrease) .
21
Total CVEs
0
Critical
15
High
6
Medium
0
Low
0
KEV Exploited
All CVEs — December 2016
21 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2016-9794 | linux | High | 7.8 | 2016-12-28 | Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel… | |
| CVE-2016-9576 | linux | High | 7.8 | 2016-12-28 | The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the ty… | |
| CVE-2012-6704 | linux | High | 7.8 | 2016-12-28 | The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf … | |
| CVE-2016-9793 | linux | High | 7.8 | 2016-12-28 | The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndb… | |
| CVE-2016-9755 | linux | High | 7.8 | 2016-12-28 | The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a … | |
| CVE-2016-9806 | linux | High | 7.8 | 2016-12-28 | Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local u… | |
| CVE-2016-9777 | linux | High | 7.8 | 2016-12-28 | KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allow… | |
| CVE-2016-9120 | linux | High | 7.8 | 2016-12-08 | Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows loc… | |
| CVE-2015-8967 | linux | High | 7.8 | 2016-12-08 | arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" prote… | |
| CVE-2016-8655 | linux | High | 7.8 | 2016-12-08 | Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or ca… | |
| CVE-2015-8966 | linux | High | 7.8 | 2016-12-08 | arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1… | |
| CVE-2016-9919 | linux | High | 7.5 | 2016-12-08 | The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data str… | |
| CVE-2016-10088 | linux | High | 7.0 | 2016-12-30 | The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where t… | |
| CVE-2016-6787 | linux | High | 7.0 | 2016-12-28 | kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrat… | |
| CVE-2016-6786 | linux | High | 7.0 | 2016-12-28 | kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrat… |