4.17.17

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-29	CVE-2018-16880	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. local high complexity linux canonical CWE-787	7.0
2019-01-03	CVE-2018-16882	Use After Free vulnerability in multiple products A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. local low complexity linux canonical CWE-416	8.8
2018-12-18	CVE-2018-16884	Use After Free vulnerability in multiple products A flaw was found in the Linux kernel's NFS41+ subsystem. low complexity linux redhat debian canonical CWE-416	8.0
2018-12-17	CVE-2018-20169	Resource Exhaustion vulnerability in multiple products An issue was discovered in the Linux kernel before 4.19.9. low complexity linux canonical debian CWE-400	6.8
2018-10-17	CVE-2018-18445	Out-of-bounds Read vulnerability in multiple products In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. local low complexity linux canonical redhat CWE-125	7.8
2018-10-03	CVE-2018-17972	Race Condition vulnerability in multiple products An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. local low complexity linux canonical redhat debian CWE-362	5.5
2018-09-25	CVE-2018-14633	Stack-based Buffer Overflow vulnerability in multiple products A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. network high complexity linux debian canonical redhat CWE-121	7.0
2018-09-19	CVE-2018-17182	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 4.18.8. local low complexity linux canonical debian netapp CWE-416	7.8
2018-09-06	CVE-2018-5391	Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. network low complexity linux redhat debian canonical microsoft f5 siemens CWE-20	7.5
2018-08-17	CVE-2018-15471	Out-of-bounds Read vulnerability in multiple products An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. local low complexity xen linux canonical CWE-125	7.8