Vulnerabilities > Linux > Linux Kernel > 4.18.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-17 | CVE-2018-18445 | Out-of-bounds Read vulnerability in multiple products In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. | 7.8 |
2018-10-08 | CVE-2018-14656 | Improper Input Validation vulnerability in Linux Kernel A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log. | 5.5 |
2018-10-07 | CVE-2018-18021 | Improper Input Validation vulnerability in Linux Kernel arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. | 3.6 |
2018-10-03 | CVE-2018-17972 | Race Condition vulnerability in multiple products An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. | 5.5 |
2018-09-25 | CVE-2018-14633 | Stack-based Buffer Overflow vulnerability in multiple products A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. | 7.0 |
2018-08-17 | CVE-2018-15471 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. | 7.8 |
2018-07-26 | CVE-2018-10878 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's ext4 filesystem. | 7.8 |
2018-05-21 | CVE-2018-1108 | Use of Insufficiently Random Values vulnerability in multiple products kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. | 5.9 |
2018-04-11 | CVE-2018-10021 | Unspecified vulnerability in Linux Kernel drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. | 5.5 |
2017-04-24 | CVE-2010-5321 | Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. | 4.3 |