Vulnerabilities > Linux > Linux Kernel > 4.17
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-12 | CVE-2018-12232 | Race Condition vulnerability in Linux Kernel In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. | 5.9 |
| 2018-05-21 | CVE-2018-1108 | Use of Insufficiently Random Values vulnerability in multiple products kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. | 5.9 |
| 2018-05-15 | CVE-2018-1087 | kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. | 7.8 |
| 2018-05-10 | CVE-2018-1118 | Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. | 5.5 |
| 2018-05-10 | CVE-2018-1130 | NULL Pointer Dereference vulnerability in multiple products Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls. | 5.5 |
| 2018-04-12 | CVE-2018-10074 | NULL Pointer Dereference vulnerability in Linux Kernel The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service (NULL pointer dereference) by triggering a failure of resource retrieval. | 5.5 |
| 2018-04-11 | CVE-2018-10021 | Unspecified vulnerability in Linux Kernel drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. | 5.5 |
| 2018-01-16 | CVE-2018-1000004 | Race Condition vulnerability in Linux Kernel In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition. | 5.9 |
| 2017-04-24 | CVE-2010-5321 | Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. | 4.3 |
| 2017-03-03 | CVE-2015-2877 | Information Exposure vulnerability in multiple products Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. | 3.3 |