Vulnerabilities > Linux > Linux Kernel > 3.18.41

DATE CVE VULNERABILITY TITLE RISK
2018-02-21 CVE-2018-7273 Information Exposure vulnerability in Linux Kernel
In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c.
local
low complexity
linux CWE-200
5.5
2018-02-12 CVE-2018-6927 Integer Overflow or Wraparound vulnerability in multiple products
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
local
low complexity
linux canonical debian redhat CWE-190
7.8
2018-02-11 CVE-2017-18174 Double Free vulnerability in Linux Kernel
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.
network
low complexity
linux CWE-415
critical
9.8
2018-02-09 CVE-2018-1000026 Improper Input Validation vulnerability in multiple products
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line.
network
low complexity
linux canonical redhat debian CWE-20
7.7
2018-01-31 CVE-2018-6412 Information Exposure vulnerability in Linux Kernel
In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAP_SPARC and FBIOGETCMAP_SPARC commands.
network
low complexity
linux CWE-200
7.5
2018-01-29 CVE-2017-18079 NULL Pointer Dereference vulnerability in multiple products
drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated.
local
low complexity
linux canonical CWE-476
7.8
2018-01-26 CVE-2018-5750 Information Exposure vulnerability in multiple products
The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.
local
low complexity
linux debian canonical redhat CWE-200
5.5
2018-01-16 CVE-2018-1000004 Race Condition vulnerability in Linux Kernel
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
network
high complexity
linux CWE-362
5.9
2018-01-14 CVE-2017-15128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12.
local
low complexity
linux redhat CWE-119
5.5
2018-01-14 CVE-2017-15127 A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.
local
low complexity
linux redhat
5.5