Vulnerabilities > Linux > Linux Kernel > 2.6.27.52

DATE CVE VULNERABILITY TITLE RISK
2018-12-03 CVE-2018-19824 Use After Free vulnerability in Linux Kernel
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
local
low complexity
linux canonical debian CWE-416
4.6
2018-11-26 CVE-2018-16862 Information Exposure vulnerability in Linux Kernel
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal).
local
low complexity
linux redhat canonical debian CWE-200
2.1
2018-11-26 CVE-2018-14646 NULL Pointer Dereference vulnerability in Linux Kernel
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file.
local
low complexity
linux redhat CWE-476
4.9
2018-11-21 CVE-2018-19407 NULL Pointer Dereference vulnerability in Linux Kernel
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
local
low complexity
linux canonical CWE-476
4.9
2018-11-21 CVE-2018-19406 NULL Pointer Dereference vulnerability in Linux Kernel
kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.
local
low complexity
linux CWE-476
4.9
2018-10-29 CVE-2018-18710 Information Exposure vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.19.
local
low complexity
linux canonical debian CWE-200
2.1
2018-10-26 CVE-2018-18690 Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.
local
low complexity
linux canonical debian CWE-754
4.9
2018-10-17 CVE-2018-18386 Incorrect Type Conversion or Cast vulnerability in Linux Kernel
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.
local
low complexity
linux canonical CWE-704
2.1
2018-10-07 CVE-2018-18021 Improper Input Validation vulnerability in Linux Kernel
arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl.
local
low complexity
linux debian canonical CWE-20
3.6
2018-10-03 CVE-2018-17972 Race Condition vulnerability in multiple products
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11.
local
low complexity
linux canonical redhat debian CWE-362
5.5