Vulnerabilities > Linux > Linux Kernel > 3.18.34

DATE CVE VULNERABILITY TITLE RISK
2018-06-26 CVE-2018-1000204 Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp.
network
high complexity
linux debian canonical
5.3
2018-06-22 CVE-2018-12633 Race Condition vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.17.2.
local
linux CWE-362
6.3
2018-06-21 CVE-2016-10723 Resource Management Errors vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.17.2.
local
low complexity
linux CWE-399
5.5
2018-06-20 CVE-2018-1120 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
A flaw was found affecting the Linux kernel before version 4.17.
3.5
2018-06-12 CVE-2018-5814 Race Condition vulnerability in Linux Kernel
In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets.
6.9
2018-06-12 CVE-2018-5803 Improper Input Validation vulnerability in Linux Kernel
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
local
low complexity
linux debian redhat CWE-20
4.9
2018-06-12 CVE-2018-12233 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file.
local
low complexity
linux canonical CWE-119
7.8
2018-06-12 CVE-2018-12232 Race Condition vulnerability in Linux Kernel
In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions.
network
linux CWE-362
7.1
2018-05-28 CVE-2018-11508 Information Exposure vulnerability in Linux Kernel
The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex.
local
low complexity
linux canonical CWE-200
2.1
2018-05-18 CVE-2017-18270 Unspecified vulnerability in Linux Kernel
In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service.
local
low complexity
linux
3.6