Vulnerabilities > Linux > Linux Kernel > 4.4.95

DATE CVE VULNERABILITY TITLE RISK
2018-02-09 CVE-2018-1000026 Improper Input Validation vulnerability in multiple products
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line.
network
low complexity
linux canonical redhat debian CWE-20
7.7
2018-01-31 CVE-2017-16914 NULL Pointer Dereference vulnerability in Linux Kernel
The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet.
network
linux CWE-476
7.1
2018-01-31 CVE-2017-16913 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.
network
linux CWE-119
7.1
2018-01-31 CVE-2017-16912 Out-of-bounds Read vulnerability in Linux Kernel
The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.
network
linux CWE-125
7.1
2018-01-31 CVE-2017-16911 Information Exposure vulnerability in Linux Kernel
The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses.
local
linux CWE-200
1.9
2018-01-31 CVE-2018-6412 Information Exposure vulnerability in Linux Kernel
In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAP_SPARC and FBIOGETCMAP_SPARC commands.
network
low complexity
linux CWE-200
5.0
2018-01-26 CVE-2018-5750 Information Exposure vulnerability in Linux Kernel
The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.
local
low complexity
linux debian canonical redhat CWE-200
2.1
2018-01-24 CVE-2017-18075 Release of Invalid Pointer or Reference vulnerability in multiple products
crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls.
local
low complexity
linux canonical CWE-763
7.8
2018-01-14 CVE-2017-15128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12.
local
low complexity
linux redhat CWE-119
4.9
2018-01-14 CVE-2017-15127 Improper Cleanup on Thrown Exception vulnerability in multiple products
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.
local
low complexity
linux redhat CWE-460
5.5