Vulnerabilities > Linux > Linux Kernel > 4.14.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-07 | CVE-2018-7740 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call. | 4.9 |
| 2018-03-05 | CVE-2017-18216 | NULL Pointer Dereference vulnerability in Linux Kernel In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used. | 2.1 |
| 2018-03-02 | CVE-2018-1065 | NULL Pointer Dereference vulnerability in Linux Kernel The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c. | 4.7 |
| 2018-02-26 | CVE-2018-7492 | NULL Pointer Dereference vulnerability in Linux Kernel A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST. | 4.9 |
| 2018-02-21 | CVE-2018-7273 | Information Exposure vulnerability in Linux Kernel In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. | 4.9 |
| 2018-02-12 | CVE-2018-6927 | Integer Overflow or Wraparound vulnerability in Linux Kernel The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value. | 4.6 |
| 2018-02-09 | CVE-2018-1000026 | Improper Input Validation vulnerability in multiple products Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. | 7.7 |
| 2018-01-31 | CVE-2017-16914 | NULL Pointer Dereference vulnerability in Linux Kernel The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet. | 7.1 |
| 2018-01-31 | CVE-2017-16913 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet. | 7.1 |
| 2018-01-31 | CVE-2017-16912 | Out-of-bounds Read vulnerability in Linux Kernel The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet. | 7.1 |