Vulnerabilities > Linux > Linux Kernel > 4.3.3

DATE CVE VULNERABILITY TITLE RISK
2018-08-10 CVE-2018-7754 Information Exposure Through Log Files vulnerability in Linux Kernel
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.
local
low complexity
linux CWE-532
5.5
2018-08-07 CVE-2018-5995 Information Exposure vulnerability in Linux Kernel
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.
local
low complexity
linux CWE-200
5.5
2018-08-07 CVE-2018-5953 Information Exposure vulnerability in multiple products
The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.
local
low complexity
linux debian CWE-200
5.5
2018-07-30 CVE-2018-10883 A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
debian linux canonical redhat
5.5
2018-07-30 CVE-2017-7518 Improper Handling of Exceptional Conditions vulnerability in multiple products
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack.
local
low complexity
redhat debian canonical linux CWE-755
7.8
2018-07-30 CVE-2017-7482 Integer Overflow or Wraparound vulnerability in multiple products
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field.
local
low complexity
linux debian redhat CWE-190
7.8
2018-07-29 CVE-2018-14734 Use After Free vulnerability in multiple products
drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).
local
low complexity
linux canonical debian CWE-416
7.8
2018-07-27 CVE-2017-2618 A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10.
local
low complexity
linux redhat debian
5.5
2018-07-27 CVE-2018-14617 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel through 4.17.10.
local
low complexity
linux debian canonical CWE-476
5.5
2018-07-27 CVE-2018-14616 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.17.10.
local
low complexity
linux CWE-476
5.5