Vulnerabilities > Linux > Linux Kernel > 3.12.30
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-02 | CVE-2018-1066 | NULL Pointer Dereference vulnerability in Linux Kernel The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery. | 7.1 |
2018-03-02 | CVE-2018-1065 | NULL Pointer Dereference vulnerability in Linux Kernel The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c. | 4.7 |
2018-03-01 | CVE-2017-18208 | Infinite Loop vulnerability in Linux Kernel The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping. | 4.9 |
2018-02-27 | CVE-2017-18204 | Unspecified vulnerability in Linux Kernel The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests. | 2.1 |
2018-02-27 | CVE-2017-18203 | Race Condition vulnerability in Linux Kernel The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices. | 1.9 |
2018-02-26 | CVE-2018-7492 | NULL Pointer Dereference vulnerability in Linux Kernel A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST. | 4.9 |
2018-02-26 | CVE-2017-18200 | Improper Input Validation vulnerability in Linux Kernel The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim. | 4.9 |
2018-02-22 | CVE-2017-18193 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads. | 4.9 |
2018-02-21 | CVE-2018-7273 | Information Exposure vulnerability in Linux Kernel In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. | 4.9 |
2018-02-12 | CVE-2018-6927 | Integer Overflow or Wraparound vulnerability in Linux Kernel The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value. | 4.6 |