Vulnerabilities > Linux > Linux Kernel > 4.14.188

DATE CVE VULNERABILITY TITLE RISK
2018-07-25 CVE-2018-10880 Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data().
local
low complexity
debian linux redhat canonical
5.5
5.5
2018-07-03 CVE-2018-13100 Divide By Zero vulnerability in multiple products
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error.
local
low complexity
linux debian CWE-369
5.5
5.5
2018-07-03 CVE-2018-13098 Out-of-bounds Read vulnerability in Linux Kernel
An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3.
local
low complexity
linux CWE-125
5.5
5.5
2018-07-03 CVE-2018-13097 Divide By Zero vulnerability in Linux Kernel
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3.
local
low complexity
linux CWE-369
5.5
5.5
2018-07-03 CVE-2018-13095 Out-of-bounds Write vulnerability in Linux Kernel
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3.
local
low complexity
linux CWE-787
5.5
5.5
2018-07-03 CVE-2018-13094 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3.
local
low complexity
linux canonical CWE-476
5.5
5.5
2018-07-03 CVE-2018-13093 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3.
local
low complexity
linux CWE-476
5.5
5.5
2018-07-02 CVE-2018-12896 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in the Linux kernel through 4.17.3.
local
low complexity
linux debian canonical CWE-190
5.5
5.5
2018-07-02 CVE-2018-13053 Integer Overflow or Wraparound vulnerability in multiple products
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
local
low complexity
linux canonical debian CWE-190
3.3
3.3
2018-06-27 CVE-2018-12904 In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.
local
high complexity
linux canonical
4.9
4.9