Vulnerabilities > Linux > Linux Kernel > 4.14.188

DATE CVE VULNERABILITY TITLE RISK
2018-06-27 CVE-2018-12904 In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.
local
high complexity
linux canonical
4.9
2018-06-26 CVE-2018-1000204 Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp.
network
high complexity
linux debian canonical
5.3
2018-06-22 CVE-2018-12633 Race Condition vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.17.2.
local
high complexity
linux CWE-362
6.3
2018-06-21 CVE-2016-10723 Resource Management Errors vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.17.2.
local
low complexity
linux CWE-399
5.5
2018-06-20 CVE-2018-1120 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found affecting the Linux kernel before version 4.17.
network
high complexity
linux redhat debian canonical CWE-119
5.3
2018-06-12 CVE-2018-12232 Race Condition vulnerability in Linux Kernel
In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions.
network
high complexity
linux CWE-362
5.9
2018-05-28 CVE-2018-11508 Information Exposure vulnerability in multiple products
The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex.
local
low complexity
linux canonical CWE-200
5.5
2018-05-24 CVE-2018-11412 Use After Free vulnerability in multiple products
In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode.
network
high complexity
linux canonical CWE-416
5.9
2018-05-10 CVE-2018-1118 Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function.
local
low complexity
linux debian canonical redhat
5.5
2018-05-09 CVE-2018-10940 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.
local
low complexity
linux debian CWE-119
5.5