Linux Kernel CVE Statistics
19 Linux Kernel CVEs in October 2016
Full month · Source: NIST NVD
In October 2016, 19 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 2 were rated Critical, 7 High and 10 Medium. None of this month's CVEs is listed in the CISA KEV catalog as actively exploited. October's 19 CVEs represent 9% of all 2016 Linux kernel CVEs, up from September's 1 (a 1800% month-over-month increase).
| Total CVEs | Critical | High | Medium | Low | KEV Exploited |
|---|---|---|---|---|---|
| 19 | 2 | 7 | 10 | 0 | 0 |
All CVEs — October 2016
| CVE ID | Package | Severity | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-5343 | linux | Critical | 9.8 | 2016-10-10 | drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm … |
| CVE-2016-7117 | linux | Critical | 9.8 | 2016-10-10 | Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows rem… |
| CVE-2015-3288 | linux | High | 7.8 | 2016-10-16 | mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or… |
| CVE-2016-7425 | linux | High | 7.8 | 2016-10-16 | The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not res… |
| CVE-2016-7039 | linux | High | 7.5 | 2016-10-16 | The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption … |
| CVE-2016-8666 | linux | High | 7.5 | 2016-10-16 | The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and… |
| CVE-2016-3699 | linux | High | 7.4 | 2016-10-07 | The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure… |
| CVE-2015-8955 | linux | High | 7.3 | 2016-10-10 | arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges … |
| CVE-2015-0572 | linux | High | 7.0 | 2016-10-10 | Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linu… |
| CVE-2016-7042 | linux | Medium | 6.2 | 2016-10-16 | The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection… |
| CVE-2016-8658 | linux | Medium | 6.1 | 2016-10-16 | Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac… |
| CVE-2015-8956 | linux | Medium | 6.1 | 2016-10-10 | The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtai… |
| CVE-2016-6327 | linux | Medium | 5.5 | 2016-10-16 | drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service … |
| CVE-2015-8953 | linux | Medium | 5.5 | 2016-10-16 | fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users t… |
| CVE-2016-6828 | linux | Medium | 5.5 | 2016-10-16 | The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certa… |