Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:4.12:rc1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-10938 |
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. Published: August 27, 2018; 9:29:00 AM -0400 |
V3.0: 5.9 MEDIUM V2.0: 7.1 HIGH |
CVE-2017-1000363 |
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line. Published: July 17, 2017; 9:18:18 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |