Vulnerabilities > Linux > Linux Kernel > 3.18.41

DATE CVE VULNERABILITY TITLE RISK
2017-03-01 CVE-2017-6348 Unspecified vulnerability in Linux Kernel
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.
local
low complexity
linux
5.5
2017-03-01 CVE-2017-6346 Use After Free vulnerability in Linux Kernel
Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.
local
high complexity
linux CWE-416
7.0
2017-03-01 CVE-2017-6345 Improper Input Validation vulnerability in Linux Kernel
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.
local
low complexity
linux CWE-20
7.8
2017-02-24 CVE-2017-5669 The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.
local
low complexity
linux debian canonical
7.8
2017-02-23 CVE-2017-6214 Infinite Loop vulnerability in Linux Kernel
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.
network
low complexity
linux CWE-835
7.5
2017-02-18 CVE-2017-6074 Double Free vulnerability in multiple products
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
local
low complexity
linux debian CWE-415
7.8
2017-02-18 CVE-2017-5986 Reachable Assertion vulnerability in Linux Kernel
Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.
local
low complexity
linux CWE-617
5.5
2017-02-14 CVE-2017-5972 Resource Exhaustion vulnerability in Linux Kernel
The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many TCP SYN packets, as demonstrated by an attack against the kernel-3.10.0 package in CentOS Linux 7.
network
low complexity
linux CWE-400
7.5
2017-02-14 CVE-2017-5970 NULL Pointer Dereference vulnerability in Linux Kernel
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
network
low complexity
linux CWE-476
7.5
2017-02-14 CVE-2017-5967 Information Exposure vulnerability in Linux Kernel
The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values (as distinguished from PID values inside a PID namespace) by reading the /proc/timer_list file, related to the print_timer function in kernel/time/timer_list.c and the __timer_stats_timer_set_start_info function in kernel/time/timer.c.
local
low complexity
linux CWE-200
4.0