CVE-2018-7492
|
A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.
Published:
February 26, 2018; 03:29:00 PM -05:00
|
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
|
CVE-2017-18200
|
The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim.
Published:
February 25, 2018; 10:29:00 PM -05:00
|
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
|
CVE-2018-7480
|
The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.
Published:
February 25, 2018; 03:29:00 PM -05:00
|
V3: 7.8 HIGH
V2: 7.2 HIGH
|
CVE-2017-18193
|
fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads.
Published:
February 22, 2018; 10:29:00 AM -05:00
|
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
|
CVE-2018-7273
|
In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel code and data and bypass kernel security protections such as KASLR.
Published:
February 20, 2018; 07:29:00 PM -05:00
|
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
|
CVE-2018-6927
|
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
Published:
February 12, 2018; 02:29:01 PM -05:00
|
V3: 7.8 HIGH
V2: 4.6 MEDIUM
|
CVE-2017-18174
|
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.
Published:
February 11, 2018; 01:29:00 PM -05:00
|
V3: 9.8 CRITICAL
V2: 7.5 HIGH
|
CVE-2018-6412
|
In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAP_SPARC and FBIOGETCMAP_SPARC commands.
Published:
January 31, 2018; 02:29:00 AM -05:00
|
V3: 7.5 HIGH
V2: 5.0 MEDIUM
|
CVE-2017-18079
|
drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated.
Published:
January 29, 2018; 12:29:00 AM -05:00
|
V3: 7.8 HIGH
V2: 7.2 HIGH
|
CVE-2018-5750
|
The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.
Published:
January 26, 2018; 02:29:00 PM -05:00
|
V3: 5.5 MEDIUM
V2: 2.1 LOW
|
CVE-2017-18075
|
crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls.
Published:
January 24, 2018; 05:29:00 AM -05:00
|
V3: 7.8 HIGH
V2: 7.2 HIGH
|
CVE-2018-1000004
|
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions, a race condition vulnerability exists in the sound system; this can lead to a deadlock and denial of service condition.
Published:
January 16, 2018; 03:29:00 PM -05:00
|
V3: 5.9 MEDIUM
V2: 7.1 HIGH
|
CVE-2018-5703
|
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS.
Published:
January 16, 2018; 04:29:00 AM -05:00
|
V3: 9.8 CRITICAL
V2: 10.0 HIGH
|
CVE-2017-15128
|
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).
Published:
January 14, 2018; 01:29:00 AM -05:00
|
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
|
CVE-2017-15127
|
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).
Published:
January 14, 2018; 01:29:00 AM -05:00
|
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
|
CVE-2018-5344
|
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
Published:
January 12, 2018; 04:29:00 AM -05:00
|
V3: 7.8 HIGH
V2: 4.6 MEDIUM
|
CVE-2018-5333
|
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
Published:
January 11, 2018; 02:29:00 AM -05:00
|
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
|
CVE-2018-5332
|
In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
Published:
January 11, 2018; 02:29:00 AM -05:00
|
V3: 7.8 HIGH
V2: 7.2 HIGH
|
CVE-2017-15129
|
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.
Published:
January 09, 2018; 02:29:00 PM -05:00
|
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
|
CVE-2017-17975
|
Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.
Published:
December 29, 2017; 08:29:00 PM -05:00
|
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
|