Vulnerabilities > Linux > Linux Kernel > 4.13.2

DATE CVE VULNERABILITY TITLE RISK
2019-02-22 CVE-2018-20784 Infinite Loop vulnerability in multiple products
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
network
low complexity
linux canonical redhat CWE-835
7.5
2019-02-18 CVE-2019-8912 Use After Free vulnerability in multiple products
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
local
low complexity
linux redhat canonical opensuse CWE-416
7.2
2019-02-15 CVE-2019-6974 Use After Free vulnerability in multiple products
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
network
high complexity
linux debian canonical f5 redhat CWE-416
8.1
2019-02-01 CVE-2019-7308 Numeric Errors vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.
local
high complexity
linux canonical opensuse CWE-189
5.6
2019-01-07 CVE-2019-5489 Cleartext Transmission of Sensitive Information vulnerability in multiple products
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information.
local
low complexity
linux netapp CWE-319
2.1
2019-01-03 CVE-2019-3701 Out-of-bounds Write vulnerability in Linux Kernel
An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13.
local
low complexity
linux debian canonical CWE-787
4.9
2018-12-27 CVE-2018-20511 Information Exposure vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 4.18.11.
local
low complexity
linux debian CWE-200
2.1
2018-12-18 CVE-2018-16884 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel's NFS41+ subsystem.
8.0
2018-12-17 CVE-2018-20169 Resource Exhaustion vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.19.9.
low complexity
linux canonical debian CWE-400
6.8
2018-12-12 CVE-2018-18397 Incorrect Authorization vulnerability in multiple products
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.
local
low complexity
linux redhat canonical CWE-863
2.1