Vulnerabilities > Linux > Linux Kernel > 4.11.10

DATE CVE VULNERABILITY TITLE RISK
2017-08-25 CVE-2017-13693 Information Exposure vulnerability in Linux Kernel
The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
local
low complexity
linux CWE-200
4.9
2017-08-19 CVE-2017-10663 Improper Validation of Array Index vulnerability in Linux Kernel
The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors.
local
low complexity
linux CWE-129
7.8
2017-08-09 CVE-2017-12762 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow.
network
low complexity
linux canonical CWE-119
critical
9.8
2017-08-05 CVE-2017-7533 Race Condition vulnerability in Linux Kernel
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.
local
high complexity
linux CWE-362
7.0
2017-07-25 CVE-2017-7541 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.
local
low complexity
linux CWE-119
7.8
2017-07-24 CVE-2017-11600 Out-of-bounds Read vulnerability in Linux Kernel
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.
local
high complexity
linux CWE-125
7.0
2017-07-21 CVE-2017-7542 Integer Overflow or Wraparound vulnerability in Linux Kernel
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.
local
low complexity
linux CWE-190
5.5
2017-07-20 CVE-2017-11473 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.
local
low complexity
linux canonical CWE-120
7.8
2017-07-11 CVE-2017-11176 Use After Free vulnerability in multiple products
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic.
local
low complexity
linux debian CWE-416
7.8
2017-06-28 CVE-2017-9985 Out-of-bounds Read vulnerability in multiple products
The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability.
local
low complexity
linux canonical CWE-125
7.8