4.9.210.1

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-01	CVE-2019-7308	Numeric Errors vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. local high complexity linux canonical opensuse CWE-189	5.6
2018-12-17	CVE-2018-20169	Resource Exhaustion vulnerability in multiple products An issue was discovered in the Linux kernel before 4.19.9. low complexity linux canonical debian CWE-400	6.8
2018-10-03	CVE-2018-17972	Race Condition vulnerability in multiple products An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. local low complexity linux canonical redhat debian CWE-362	5.5
2018-09-06	CVE-2018-5391	Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. network low complexity linux redhat debian canonical microsoft f5 siemens CWE-20	7.5
2018-08-07	CVE-2018-5953	Information Exposure vulnerability in multiple products The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call. local low complexity linux debian CWE-200	2.1
2018-08-06	CVE-2018-5390	Resource Exhaustion vulnerability in multiple products Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. network low complexity redhat linux canonical debian hp hpe f5 a10networks cisco CWE-400	7.5
2018-07-27	CVE-2018-14613	NULL Pointer Dereference vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 4.17.10. network linux CWE-476	7.1
2018-07-26	CVE-2017-18344	Out-of-bounds Read vulnerability in multiple products The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). local low complexity linux canonical redhat CWE-125	2.1
2018-07-26	CVE-2018-10881	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's ext4 filesystem. local low complexity debian canonical linux redhat CWE-787	5.5
2018-07-26	CVE-2018-10879	Use After Free vulnerability in multiple products A flaw was found in the Linux kernel's ext4 filesystem. local low complexity canonical linux debian redhat CWE-416	7.8