National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:3.0.46
There are 971 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2018-5703

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS.

Published: January 16, 2018; 04:29:00 AM -05:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2017-15128

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).

Published: January 14, 2018; 01:29:00 AM -05:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2017-15127

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).

Published: January 14, 2018; 01:29:00 AM -05:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2018-5344

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.

Published: January 12, 2018; 04:29:00 AM -05:00
V3: 7.8 HIGH
V2: 4.6 MEDIUM
CVE-2018-5333

In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.

Published: January 11, 2018; 02:29:00 AM -05:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2018-5332

In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

Published: January 11, 2018; 02:29:00 AM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-15129

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.

Published: January 09, 2018; 02:29:00 PM -05:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2017-17975

Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.

Published: December 29, 2017; 08:29:00 PM -05:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2017-17864

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."

Published: December 27, 2017; 12:08:20 PM -05:00
V3: 3.3 LOW
V2: 2.1 LOW
CVE-2017-17862

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.

Published: December 27, 2017; 12:08:20 PM -05:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2017-17857

The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.

Published: December 27, 2017; 12:08:20 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-17856

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.

Published: December 27, 2017; 12:08:20 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-17855

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.

Published: December 27, 2017; 12:08:20 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-17854

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.

Published: December 27, 2017; 12:08:20 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-17853

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.

Published: December 27, 2017; 12:08:20 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-17852

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.

Published: December 27, 2017; 12:08:20 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-16996

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging register truncation mishandling.

Published: December 27, 2017; 12:08:17 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-16995

The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.

Published: December 27, 2017; 12:08:17 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-17807

The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the request_key() system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search permission (not Write permission) to that keyring, related to construct_get_dest_keyring() in security/keys/request_key.c.

Published: December 20, 2017; 06:29:00 PM -05:00
V3: 3.3 LOW
V2: 2.1 LOW
CVE-2017-17806

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.

Published: December 20, 2017; 06:29:00 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH