Vulnerabilities > Linux > Linux Kernel > 4.14.123
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-30 | CVE-2018-18281 | Incomplete Cleanup vulnerability in multiple products Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. | 7.8 |
2018-10-29 | CVE-2018-18710 | Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel through 4.19. | 5.5 |
2018-10-26 | CVE-2018-18690 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form. | 5.5 |
2018-10-07 | CVE-2018-18021 | Improper Input Validation vulnerability in multiple products arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. | 7.1 |
2018-10-03 | CVE-2018-17972 | Race Condition vulnerability in multiple products An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. | 5.5 |
2018-09-21 | CVE-2018-16597 | Incorrect Authorization vulnerability in multiple products An issue was discovered in the Linux kernel before 4.8. | 5.5 |
2018-09-07 | CVE-2018-16658 | Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel before 4.18.6. | 6.1 |
2018-09-06 | CVE-2018-5391 | Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. | 7.5 |
2018-09-04 | CVE-2018-6555 | Use After Free vulnerability in multiple products The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket. | 7.8 |
2018-09-04 | CVE-2018-6554 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. | 5.5 |