Linux » Linux Kernel : Security Vulnerabilities, CVEs, Published In February 2016 (Information Leak)

CVE-2016-0723

Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.
Max CVSS
6.8
EPSS Score
0.16%
Published
2016-02-08
Updated
2016-12-06

CVE-2015-8575

The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
Max CVSS
4.0
EPSS Score
0.11%
Published
2016-02-08
Updated
2017-11-04
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close