Vulnerabilities > Linux > Linux Kernel > 3.18.41

DATE CVE VULNERABILITY TITLE RISK
2017-11-27 CVE-2017-16994 Information Exposure vulnerability in Linux Kernel
The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.
local
low complexity
linux CWE-200
5.5
2017-11-24 CVE-2017-16939 Use After Free vulnerability in multiple products
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.
local
low complexity
linux debian CWE-416
7.8
2017-11-22 CVE-2017-12193 Unspecified vulnerability in Linux Kernel
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.
local
low complexity
linux
5.5
2017-11-22 CVE-2017-12190 Unspecified vulnerability in Linux Kernel
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page.
local
low complexity
linux
6.5
2017-11-15 CVE-2017-15115 Use After Free vulnerability in multiple products
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.
local
low complexity
linux debian suse canonical CWE-416
7.8
2017-11-15 CVE-2017-15102 NULL Pointer Dereference vulnerability in multiple products
The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference.
high complexity
linux redhat canonical CWE-476
6.3
2017-11-07 CVE-2017-16650 Divide By Zero vulnerability in Linux Kernel
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-369
6.6
2017-11-07 CVE-2017-16649 Divide By Zero vulnerability in Linux Kernel
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-369
6.6
2017-11-07 CVE-2017-16648 Use After Free vulnerability in Linux Kernel
The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-416
6.6
2017-11-07 CVE-2017-16647 NULL Pointer Dereference vulnerability in Linux Kernel
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.
low complexity
linux CWE-476
6.6