- Home
- CVEs with nessus.description==Jann+Horn+and+Ken+Johnson+discovered+that+microprocessors+utilizing+speculative+execution+of+a+memory+read+may+allow+unauthorized+memory+reads+via+a+sidechannel+attack.+This+flaw+is+known+as+Spectre+Variant+4.+A+local+attacker+could+use+this+to+expose+sensitive+information%2C+including+kernel+memory.+%28CVE-2018-3639%29%0A%0ATuba+Yavuz+discovered+that+a+double-free+error+existed+in+the+USBTV007+driver+of+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.%0A%28CVE-2017-17975%29%0A%0AIt+was+discovered+that+a+race+condition+existed+in+the+F2FS+implementation+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.+%28CVE-2017-18193%29%0A%0AIt+was+discovered+that+a+buffer+overflow+existed+in+the+Hisilicon+HNS+Ethernet+Device+driver+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2017-18222%29%0A%0AIt+was+discovered+that+the+netfilter+subsystem+in+the+Linux+kernel+did+not+validate+that+rules+containing+jumps+contained+user-defined+chains.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2018-1065%29%0A%0AIt+was+discovered+that+the+netfilter+subsystem+of+the+Linux+kernel+did+not+properly+validate+ebtables+offsets.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2018-1068%29%0A%0AIt+was+discovered+that+a+NULL+pointer+dereference+vulnerability+existed+in+the+DCCP+protocol+implementation+in+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.+%28CVE-2018-1130%29%0A%0AIt+was+discovered+that+the+SCTP+Protocol+implementation+in+the+Linux+kernel+did+not+properly+validate+userspace+provided+payload+lengths+in+some+situations.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29.+%28CVE-2018-5803%29%0A%0AIt+was+discovered+that+a+double+free+error+existed+in+the+block+layer+subsystem+of+the+Linux+kernel+when+setting+up+a+request+queue.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2018-7480%29%0A%0AIt+was+discovered+that+a+memory+leak+existed+in+the+SAS+driver+subsystem+of+the+Linux+kernel.+A+local+attacker+could+use+this+to+cause+a+denial+of+service+%28memory+exhaustion%29.+%28CVE-2018-7757%29%0A%0AIt+was+discovered+that+a+race+condition+existed+in+the+x86+machine+check+handler+in+the+Linux+kernel.+A+local+privileged+attacker+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2018-7995%29%0A%0AEyal+Itkin+discovered+that+the+USB+displaylink+video+adapter+driver+in+the+Linux+kernel+did+not+properly+validate+mmap+offsets+sent+from+userspace.+A+local+attacker+could+use+this+to+expose+sensitive+information+%28kernel+memory%29+or+possibly+execute+arbitrary+code.%0A%28CVE-2018-8781%29%0A%0ASilvio+Cesare+discovered+a+buffer+overwrite+existed+in+the+NCPFS+implementation+in+the+Linux+kernel.+A+remote+attacker+controlling+a+malicious+NCPFS+server+could+use+this+to+cause+a+denial+of+service+%28system+crash%29+or+possibly+execute+arbitrary+code.+%28CVE-2018-8822%29.%0A%0ANote+that+Tenable+Network+Security+has+extracted+the+preceding+description+block+directly+from+the+Ubuntu+security+advisory.+Tenable+has+attempted+to+automatically+clean+and+format+it+as+much+as+possible+without+introducing+additional+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top