Vulnerabilities > Linux > Linux Kernel > 4.17.3

DATE CVE VULNERABILITY TITLE RISK
2018-07-03 CVE-2018-13097 Divide By Zero vulnerability in Linux Kernel
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3.
local
low complexity
linux CWE-369
5.5
5.5
2018-07-03 CVE-2018-13095 Out-of-bounds Write vulnerability in Linux Kernel
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3.
local
low complexity
linux CWE-787
5.5
5.5
2018-07-03 CVE-2018-13094 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3.
local
low complexity
linux canonical CWE-476
5.5
5.5
2018-07-03 CVE-2018-13093 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3.
local
low complexity
linux CWE-476
5.5
5.5
2018-07-02 CVE-2018-12896 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in the Linux kernel through 4.17.3.
local
low complexity
linux debian canonical CWE-190
5.5
5.5
2018-07-02 CVE-2018-13053 Integer Overflow or Wraparound vulnerability in multiple products
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
local
low complexity
linux canonical debian CWE-190
3.3
3.3
2018-06-24 CVE-2018-12714 Out-of-bounds Write vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.17.2.
network
low complexity
linux CWE-787
critical
 9.8
9.8
2018-06-12 CVE-2018-12233 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file.
local
low complexity
linux canonical CWE-119
7.8
7.8
2018-05-21 CVE-2018-1108 Use of Insufficiently Random Values vulnerability in multiple products
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data.
network
high complexity
linux canonical debian CWE-330
5.9
5.9
2018-05-10 CVE-2018-1118 Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function.
local
low complexity
linux debian canonical redhat
5.5
5.5