Max CVSS | 9.3 | Min CVSS | 4.7 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-11600 | 6.9 |
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds
|
26-06-2023 - 16:55 | 24-07-2017 - 07:29 | |
CVE-2018-1068 | 7.2 |
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
|
21-06-2023 - 15:56 | 16-03-2018 - 16:29 | |
CVE-2018-18559 | 6.8 |
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a ra
|
16-05-2023 - 11:14 | 22-10-2018 - 16:29 | |
CVE-2017-12190 | 4.9 |
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them int
|
12-02-2023 - 23:27 | 22-11-2017 - 18:29 | |
CVE-2016-8633 | 6.2 |
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
|
12-02-2023 - 23:26 | 28-11-2016 - 03:59 | |
CVE-2017-16939 | 7.2 |
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM
|
19-01-2023 - 15:46 | 24-11-2017 - 10:29 | |
CVE-2016-7913 | 9.3 |
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certai
|
09-12-2022 - 18:12 | 16-11-2016 - 05:59 | |
CVE-2018-3665 | 4.7 |
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
|
09-06-2021 - 16:24 | 21-06-2018 - 20:29 | |
CVE-2017-13215 | 7.2 |
A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel.
|
03-10-2019 - 00:03 | 12-01-2018 - 23:29 | |
CVE-2017-17558 | 7.2 |
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allow
|
14-05-2019 - 23:29 | 12-12-2017 - 15:29 | |
CVE-2017-1000407 | 6.1 |
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
|
14-05-2019 - 22:29 | 11-12-2017 - 21:29 |