Vulnerabilities > Linux > Linux Kernel > 2.6.23.8

DATE CVE VULNERABILITY TITLE RISK
2018-08-20 CVE-2018-15572 The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
local
low complexity
debian canonical linux
2.1
2018-08-10 CVE-2018-7754 Information Exposure Through Log Files vulnerability in Linux Kernel
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.
local
low complexity
linux CWE-532
2.1
2018-08-07 CVE-2018-5995 Information Exposure vulnerability in Linux Kernel
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.
local
low complexity
linux CWE-200
2.1
2018-08-07 CVE-2018-5953 Information Exposure vulnerability in multiple products
The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.
local
low complexity
linux debian CWE-200
2.1
2018-07-30 CVE-2018-10883 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
debian linux canonical redhat CWE-787
5.5
2018-07-30 CVE-2017-7482 Integer Overflow or Wraparound vulnerability in multiple products
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field.
local
low complexity
linux debian redhat CWE-190
7.8
2018-07-29 CVE-2018-14734 Use After Free vulnerability in Linux Kernel
drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).
local
low complexity
linux canonical debian CWE-416
6.1
2018-07-27 CVE-2017-2618 Off-by-one Error vulnerability in multiple products
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10.
local
low complexity
linux redhat debian CWE-193
5.5
2018-07-27 CVE-2018-14617 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.17.10.
7.1
2018-07-27 CVE-2018-14616 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.17.10.
network
linux CWE-476
7.1