Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:4.7:rc6
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-10938 |
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. Published: August 27, 2018; 9:29:00 AM -0400 |
V3.0: 5.9 MEDIUM V2.0: 7.1 HIGH |
CVE-2017-7558 |
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace. Published: July 26, 2018; 11:29:00 AM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-7273 |
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report. Published: March 27, 2017; 1:59:01 PM -0400 |
V3.0: 6.6 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2016-6162 |
net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via certain IPv6 socket operations. Published: August 06, 2016; 4:59:09 PM -0400 |
V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |