Linux Kernel CVE Statistics
29 Linux Kernel CVEs in February 2017
Full month · Source: NIST NVD
In February 2017, 29 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 1 was rated Critical, 17 were rated High severity and 11 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. February's 29 CVEs represent 5% of all 2017 Linux kernel CVEs , up from January's 3 (a 867% month-over-month increase) .
29
Total CVEs
1
Critical
17
High
11
Medium
0
Low
0
KEV Exploited
All CVEs — February 2017
29 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2016-10150 | linux | Critical | 9.8 | 2017-02-06 | Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before … | |
| CVE-2017-2583 | linux | High | 8.4 | 2017-02-06 | The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulat… | |
| CVE-2017-5669 | linux | High | 7.8 | 2017-02-24 | The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a cer… | |
| CVE-2016-8636 | linux | High | 7.8 | 2017-02-22 | Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.1… | |
| CVE-2017-6074 | linux | High | 7.8 | 2017-02-18 | The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST … | |
| CVE-2016-1881 | linux | High | 7.8 | 2017-02-15 | The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain p… | |
| CVE-2016-1880 | linux | High | 7.8 | 2017-02-15 | The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kerne… | |
| CVE-2014-9914 | linux | High | 7.8 | 2017-02-07 | Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows … | |
| CVE-2016-10044 | linux | High | 7.8 | 2017-02-07 | The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which ma… | |
| CVE-2016-10153 | linux | High | 7.8 | 2017-02-06 | The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK opti… | |
| CVE-2017-5546 | linux | High | 7.8 | 2017-02-06 | The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to … | |
| CVE-2017-5548 | linux | High | 7.8 | 2017-02-06 | drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK … | |
| CVE-2017-5576 | linux | High | 7.8 | 2017-02-06 | Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux … | |
| CVE-2017-5547 | linux | High | 7.8 | 2017-02-06 | drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK optio… | |
| CVE-2017-6214 | linux | High | 7.5 | 2017-02-23 | The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a den… |