4.17.15

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-21	CVE-2018-16597	Incorrect Authorization vulnerability in multiple products An issue was discovered in the Linux kernel before 4.8. local low complexity linux netapp opensuse CWE-863	5.5
2018-09-19	CVE-2018-17182	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 4.18.8. local low complexity linux canonical debian netapp CWE-416	7.8
2018-09-07	CVE-2018-16658	Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel before 4.18.6. local low complexity linux canonical debian CWE-200	6.1
2018-09-06	CVE-2018-5391	Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. network low complexity linux redhat debian canonical microsoft f5 siemens CWE-20	7.5
2018-08-20	CVE-2018-15594	Information Exposure vulnerability in multiple products arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. local low complexity debian canonical linux CWE-200	5.5
2018-08-20	CVE-2018-15572	The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. local low complexity debian canonical linux	6.5
2018-08-17	CVE-2018-15471	Out-of-bounds Read vulnerability in multiple products An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. local low complexity xen linux canonical CWE-125	7.8
2018-08-06	CVE-2018-5390	Resource Exhaustion vulnerability in multiple products Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. network low complexity redhat linux canonical debian hp f5 a10networks cisco CWE-400	7.5
2018-07-26	CVE-2018-10878	A flaw was found in the Linux kernel's ext4 filesystem. local low complexity canonical linux debian redhat	7.8
2018-05-21	CVE-2018-1108	Use of Insufficiently Random Values vulnerability in multiple products kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. network high complexity linux canonical debian CWE-330	5.9