Max CVSS | 8.3 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-14678 | 7.2 |
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (unin
|
24-02-2023 - 18:35 | 28-07-2018 - 18:29 | |
CVE-2018-16276 | 7.2 |
An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate
|
24-02-2023 - 18:34 | 31-08-2018 - 16:29 | |
CVE-2018-17182 | 7.2 |
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, ma
|
24-02-2023 - 18:33 | 19-09-2018 - 09:29 | |
CVE-2018-14633 | 8.3 |
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer over
|
14-02-2023 - 21:13 | 25-09-2018 - 00:29 | |
CVE-2018-10902 | 4.6 |
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmi
|
12-02-2023 - 23:31 | 21-08-2018 - 19:29 | |
CVE-2018-9363 | 7.2 |
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kerne
|
19-01-2023 - 16:01 | 06-11-2018 - 17:29 | |
CVE-2018-13099 | 4.3 |
An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.
|
07-10-2022 - 02:08 | 03-07-2018 - 10:29 | |
CVE-2018-6555 | 7.2 |
The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecifi
|
09-10-2019 - 23:41 | 04-09-2018 - 18:29 | |
CVE-2018-6554 | 4.9 |
Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.
|
09-10-2019 - 23:41 | 04-09-2018 - 18:29 | |
CVE-2018-15594 | 2.1 |
arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.
|
03-10-2019 - 00:03 | 20-08-2018 - 08:29 | |
CVE-2018-15572 | 2.1 |
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
|
03-10-2019 - 00:03 | 20-08-2018 - 02:29 | |
CVE-2018-10938 | 7.1 |
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading
|
03-10-2019 - 00:03 | 27-08-2018 - 13:29 | |
CVE-2018-14617 | 7.1 |
An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog
|
13-08-2019 - 19:15 | 27-07-2018 - 04:29 | |
CVE-2018-14609 | 7.1 |
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not bee
|
13-08-2019 - 19:15 | 27-07-2018 - 04:29 | |
CVE-2018-9516 | 7.2 |
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for e
|
06-08-2019 - 17:15 | 06-11-2018 - 17:29 | |
CVE-2018-16658 | 3.6 |
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds
|
06-08-2019 - 17:15 | 07-09-2018 - 14:29 | |
CVE-2018-14734 | 6.1 |
drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).
|
23-04-2019 - 17:29 | 29-07-2018 - 23:29 | |
CVE-2018-7755 | 2.1 |
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioc
|
04-10-2018 - 10:29 | 08-03-2018 - 07:29 |