Vulnerabilities > Linux > Linux Kernel > 4.4.38
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-11-26 | CVE-2018-14646 | NULL Pointer Dereference vulnerability in multiple products The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. | 5.5 |
2018-11-21 | CVE-2018-19407 | NULL Pointer Dereference vulnerability in multiple products The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. | 5.5 |
2018-11-21 | CVE-2018-19406 | NULL Pointer Dereference vulnerability in Linux Kernel kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized. | 5.5 |
2018-11-06 | CVE-2018-9363 | Integer Overflow or Wraparound vulnerability in multiple products In the hidp_process_report in bluetooth, there is an integer overflow. | 8.4 |
2018-10-30 | CVE-2018-18281 | Incomplete Cleanup vulnerability in multiple products Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. | 7.8 |
2018-10-29 | CVE-2018-18710 | Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel through 4.19. | 5.5 |
2018-10-26 | CVE-2018-18690 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form. | 5.5 |
2018-10-22 | CVE-2018-18559 | Use After Free vulnerability in multiple products In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. | 8.1 |
2018-10-17 | CVE-2018-18386 | Incorrect Type Conversion or Cast vulnerability in multiple products drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. | 3.3 |
2018-10-07 | CVE-2018-18021 | Improper Input Validation vulnerability in multiple products arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. | 7.1 |