Vulnerabilities > Linux > Linux Kernel > 4.18
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-17 | CVE-2018-18445 | Out-of-bounds Read vulnerability in multiple products In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. | 7.8 |
2018-10-08 | CVE-2018-14656 | Improper Input Validation vulnerability in Linux Kernel A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log. | 5.5 |
2018-10-07 | CVE-2018-18021 | Improper Input Validation vulnerability in Linux Kernel arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. | 3.6 |
2018-10-03 | CVE-2018-17972 | Race Condition vulnerability in multiple products An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. | 5.5 |
2018-09-25 | CVE-2018-14633 | Stack-based Buffer Overflow vulnerability in multiple products A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. | 7.0 |
2018-09-19 | CVE-2018-17182 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 4.18.8. | 7.8 |
2018-09-07 | CVE-2018-16658 | Information Exposure vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.18.6. | 3.6 |
2018-09-06 | CVE-2018-5391 | Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. | 7.5 |
2018-08-20 | CVE-2018-15594 | Information Exposure vulnerability in multiple products arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. | 2.1 |
2018-08-20 | CVE-2018-15572 | The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. | 2.1 |