Vulnerabilities > Linux > Linux Kernel > 3.18.47
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-20 | CVE-2018-15594 | Information Exposure vulnerability in multiple products arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. | 2.1 |
2018-08-20 | CVE-2018-15572 | The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. | 2.1 |
2018-08-10 | CVE-2018-7754 | Information Exposure Through Log Files vulnerability in Linux Kernel The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file. | 2.1 |
2018-08-07 | CVE-2018-5995 | Information Exposure vulnerability in Linux Kernel The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call. | 2.1 |
2018-08-07 | CVE-2018-5953 | Information Exposure vulnerability in multiple products The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call. | 2.1 |
2018-07-30 | CVE-2018-10883 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's ext4 filesystem. | 5.5 |
2018-07-30 | CVE-2017-7482 | Integer Overflow or Wraparound vulnerability in multiple products In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. | 7.8 |
2018-07-29 | CVE-2018-14734 | Use After Free vulnerability in Linux Kernel drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). | 6.1 |
2018-07-27 | CVE-2017-2618 | Off-by-one Error vulnerability in multiple products A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. | 5.5 |
2018-07-27 | CVE-2018-14617 | NULL Pointer Dereference vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 4.17.10. | 7.1 |