| Max CVSS | 7.8 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-15471 | 6.8 |
An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to req
|
03-10-2023 - 15:39 | 17-08-2018 - 18:29 | |
| CVE-2018-13406 | 7.2 |
An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.
|
24-02-2023 - 18:37 | 06-07-2018 - 14:29 | |
| CVE-2018-5391 | 7.8 |
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments
|
28-12-2022 - 18:07 | 06-09-2018 - 21:29 | |
| CVE-2018-13096 | 4.3 |
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.
|
07-10-2022 - 02:06 | 03-07-2018 - 10:29 | |
| CVE-2018-3639 | 2.1 |
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access vi
|
13-08-2021 - 15:26 | 22-05-2018 - 12:29 | |
| CVE-2018-14613 | 7.1 |
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btr
|
14-06-2021 - 18:15 | 27-07-2018 - 04:29 | |
| CVE-2018-1128 | 5.4 |
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authen
|
17-11-2020 - 19:15 | 10-07-2018 - 14:29 | |
| CVE-2018-17972 | 4.9 |
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwindi
|
15-10-2020 - 13:28 | 03-10-2018 - 22:29 | |
| CVE-2018-18281 | 4.6 |
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain f
|
24-08-2020 - 17:37 | 30-10-2018 - 18:29 | |
| CVE-2018-14610 | 7.1 |
An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk a
|
10-06-2020 - 13:15 | 27-07-2018 - 04:29 | |
| CVE-2018-14612 | 7.1 |
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/
|
10-06-2020 - 13:15 | 27-07-2018 - 04:29 | |
| CVE-2018-14611 | 7.1 |
An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c.
|
10-06-2020 - 13:15 | 27-07-2018 - 04:29 | |
| CVE-2018-6554 | 4.9 |
Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.
|
09-10-2019 - 23:41 | 04-09-2018 - 18:29 | |
| CVE-2018-18690 | 4.9 |
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_
|
03-10-2019 - 00:03 | 26-10-2018 - 18:29 | |
| CVE-2018-1129 | 3.3 |
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Cep
|
29-08-2019 - 03:15 | 10-07-2018 - 14:29 | |
| CVE-2018-5848 | 4.6 |
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS
|
02-05-2019 - 15:54 | 12-06-2018 - 20:29 | |
| CVE-2018-13053 | 2.1 |
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
|
23-04-2019 - 17:29 | 02-07-2018 - 12:29 | |
| CVE-2018-18710 | 2.1 |
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds c
|
03-04-2019 - 12:39 | 29-10-2018 - 12:29 | |
| CVE-2018-12896 | 2.1 |
An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be
|
03-04-2019 - 12:04 | 02-07-2018 - 17:29 | |
| CVE-2018-14614 | 7.1 |
An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image.
|
03-04-2019 - 01:29 | 27-07-2018 - 04:29 | |
| CVE-2018-13097 | 4.3 |
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service (BUG).
|
03-04-2019 - 01:29 | 03-07-2018 - 10:29 | |
| CVE-2018-14616 | 7.1 |
An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image.
|
03-04-2019 - 01:29 | 27-07-2018 - 04:29 | |
| CVE-2018-13100 | 4.3 |
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error.
|
03-04-2019 - 01:29 | 03-07-2018 - 10:29 | |
| CVE-2017-18249 | 4.4 |
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent thre
|
03-04-2019 - 01:29 | 26-03-2018 - 20:29 | |
| CVE-2018-16862 | 2.1 |
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data
|
01-04-2019 - 21:29 | 26-11-2018 - 19:29 | |
| CVE-2018-19407 | 4.9 |
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
|
21-03-2019 - 16:00 | 21-11-2018 - 00:29 |