vulnerability

Taxonomy of Linux Kernel Vulnerability Solutions

Input Validation Error

  • Buffer Overflow
  • Boundary Condition Error
  • Access Validation Error
  • Exceptional Condition Handling Error
  • Environmental Error
  • Configuration Error
  • Design Error
  • Nonstandard

Remedial Classification

  • Change of Data Types
  • Precondition Validation
  • Ensuring Atomicity
  • Error Handling
  • Zeroing Memory
  • Freeing Resources
  • Input Validation
  • Capability Validation
  • Fail-Safe
  • Protection Domain Enforcement
  • Redesign
  • Other

Exploit

Null Dereferencing

vm.mmap_min_addr

Stack Overflow

Heap Overflow

Heap Spray

Vulnerabilities

  • Spectre
    • CVE-2017-5754
    • CVE-2017-5753
  • Meltdown
    • CVE-2017-5715
  • BlueBorne
    • CVE-2017-0785
    • CVE-2017-0782
    • CVE-2017-1000251
    • CVE-2017-1000250
    • CVE-2017-8628
  • ROCA vulnerability
    • CVE-2017-15361
  • KRACK
    • CVE-2017-13077
    • CVE-2017-13078
  • Silent Bob is Silent
    • CVE-2017-5689
  • DoublePulsar
    • CVE-2017-7497
  • EternallBlue
    • CVE-2017-0143
  • Dirty COW
    • CVE-2016-5195
  • Badlock
    • CVE-2016-0128
    • CVE-2016-2118
  • DROWN
    • CVE-2016-0800
  • Row hammer
    • CVE-2015-0565
  • POODLE
    • CVE-2014-8730
    • CVE-2014-3566
  • Shellshock
    • CVE-2014-7187
    • CVE-2014-7186
    • CVE-2014-7169
    • CVE-2014-6278
    • CVE-2014-6271
    • CVE-2014-6277
  • Heartbleed
    • CVE-2014-0160