Vulnerabilities > Linux > Linux Kernel > 3.18.48
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-19 | CVE-2017-10661 | Use After Free vulnerability in multiple products Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing. | 7.0 |
2017-08-09 | CVE-2017-12762 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. | 9.8 |
2017-08-05 | CVE-2017-7533 | Race Condition vulnerability in Linux Kernel Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions. | 7.0 |
2017-07-25 | CVE-2017-7541 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet. | 7.8 |
2017-07-24 | CVE-2017-11600 | Out-of-bounds Read vulnerability in Linux Kernel net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message. | 7.0 |
2017-07-21 | CVE-2017-7542 | Integer Overflow or Wraparound vulnerability in Linux Kernel The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket. | 5.5 |
2017-07-20 | CVE-2017-11473 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table. | 7.8 |
2017-07-20 | CVE-2017-11472 | Improper Handling of Exceptional Conditions vulnerability in Linux Kernel The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. | 3.6 |
2017-07-17 | CVE-2017-1000363 | Out-of-bounds Write vulnerability in multiple products Linux drivers/char/lp.c Out-of-Bounds Write. | 7.8 |
2017-07-11 | CVE-2017-11176 | Use After Free vulnerability in multiple products The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. | 7.8 |