U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:3.0.49
There are 1,598 matching records.
Displaying matches 901 through 920.
Vuln ID Summary CVSS Severity
CVE-2018-5750

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

Published: January 26, 2018; 2:29:00 PM -0500
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-15128

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).

Published: January 14, 2018; 1:29:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2017-15127

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).

Published: January 14, 2018; 1:29:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2018-5344

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.

Published: January 12, 2018; 4:29:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2018-5333

In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.

Published: January 11, 2018; 2:29:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2018-5332

In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

Published: January 11, 2018; 2:29:00 AM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2017-17975

Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.

Published: December 29, 2017; 8:29:00 PM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2017-17864

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."

Published: December 27, 2017; 12:08:20 PM -0500
V3.0: 3.3 LOW
V2.0: 2.1 LOW
CVE-2017-17862

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.

Published: December 27, 2017; 12:08:20 PM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2017-17807

The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the request_key() system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search permission (not Write permission) to that keyring, related to construct_get_dest_keyring() in security/keys/request_key.c.

Published: December 20, 2017; 6:29:00 PM -0500
V3.0: 3.3 LOW
V2.0: 2.1 LOW
CVE-2017-17806

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.

Published: December 20, 2017; 6:29:00 PM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.

Published: December 20, 2017; 6:29:00 PM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2017-17741

The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.

Published: December 18, 2017; 3:29:00 AM -0500
V3.0: 6.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-17558

The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device.

Published: December 12, 2017; 10:29:00 AM -0500
V3.0: 6.6 MEDIUM
V2.0: 7.2 HIGH
CVE-2017-1000407

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.

Published: December 11, 2017; 4:29:00 PM -0500
V3.0: 7.4 HIGH
V2.0: 6.1 MEDIUM
CVE-2017-17450

net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces.

Published: December 06, 2017; 7:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2017-17449

The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system.

Published: December 06, 2017; 7:29:00 PM -0500
V3.0: 4.7 MEDIUM
V2.0: 1.9 LOW
CVE-2017-17448

net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces.

Published: December 06, 2017; 7:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2017-8824

The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

Published: December 05, 2017; 4:29:00 AM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2017-15116

The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).

Published: November 30, 2017; 1:29:00 PM -0500
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM