3.10.2

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-25	CVE-2018-14634	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. local low complexity linux redhat canonical netapp CWE-190	7.8
2018-09-25	CVE-2018-14633	Stack-based Buffer Overflow vulnerability in multiple products A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. network high complexity linux debian canonical redhat CWE-121	7.0
2018-09-21	CVE-2018-16597	Incorrect Authorization vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.8. local low complexity linux netapp opensuse CWE-863	4.9
2018-09-11	CVE-2018-10853	Improper Privilege Management vulnerability in multiple products A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. local low complexity canonical debian linux CWE-269	4.6
2018-09-07	CVE-2018-16658	Information Exposure vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.18.6. local low complexity linux canonical debian CWE-200	3.6
2018-09-06	CVE-2018-5391	Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. network low complexity linux redhat debian canonical microsoft f5 siemens CWE-20	7.5
2018-09-04	CVE-2018-6555	Use After Free vulnerability in Linux Kernel The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket. local low complexity linux canonical debian CWE-416	7.2
2018-09-04	CVE-2018-6554	Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. local low complexity linux canonical debian CWE-772	4.9
2018-08-31	CVE-2018-16276	Out-of-bounds Write vulnerability in multiple products An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. local low complexity linux debian canonical CWE-787	7.8
2018-08-20	CVE-2018-15594	Information Exposure vulnerability in multiple products arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. local low complexity debian canonical linux CWE-200	2.1