4.17.19

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-25	CVE-2018-14633	Stack-based Buffer Overflow vulnerability in multiple products A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. network high complexity linux debian canonical redhat CWE-121	7.0
2018-09-19	CVE-2018-17182	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 4.18.8. local low complexity linux canonical debian netapp CWE-416	7.8
2018-09-06	CVE-2018-5391	Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. network low complexity linux redhat debian canonical microsoft f5 siemens CWE-20	7.5
2018-08-17	CVE-2018-15471	Out-of-bounds Read vulnerability in multiple products An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. local low complexity xen linux canonical CWE-125	7.8
2018-08-06	CVE-2018-5390	Resource Exhaustion vulnerability in multiple products Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. network low complexity redhat linux canonical debian hp hpe f5 a10networks cisco CWE-400	7.5
2018-07-26	CVE-2018-10878	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's ext4 filesystem. local low complexity canonical linux debian redhat CWE-787	7.8
2018-05-21	CVE-2018-1108	Use of Insufficiently Random Values vulnerability in multiple products kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. network high complexity linux canonical debian CWE-330	5.9
2018-05-10	CVE-2018-1118	Improper Initialization vulnerability in multiple products Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. local low complexity linux debian canonical redhat CWE-665	5.5
2018-04-11	CVE-2018-10021	Unspecified vulnerability in Linux Kernel drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. local low complexity linux	5.5
2017-04-24	CVE-2010-5321	Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. low complexity linux CWE-772	4.3