Vulnerabilities > Linux > Linux Kernel > 4.9.215

DATE CVE VULNERABILITY TITLE RISK
2018-05-28 CVE-2018-11508 Information Exposure vulnerability in Linux Kernel
The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex.
local
low complexity
linux canonical CWE-200
2.1
2018-05-18 CVE-2017-18270 Unspecified vulnerability in Linux Kernel
In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service.
local
low complexity
linux
3.6
2018-05-18 CVE-2018-11232 Improper Input Validation vulnerability in Linux Kernel
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
local
low complexity
linux CWE-20
4.9
2018-05-10 CVE-2018-1118 Improper Initialization vulnerability in multiple products
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function.
local
low complexity
linux debian canonical redhat CWE-665
5.5
2018-05-10 CVE-2018-1130 NULL Pointer Dereference vulnerability in Linux Kernel
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.
local
low complexity
linux debian canonical redhat CWE-476
4.9
2018-05-09 CVE-2018-10940 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.
local
low complexity
linux debian CWE-119
4.9
2018-04-24 CVE-2018-10323 NULL Pointer Dereference vulnerability in multiple products
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.
local
low complexity
linux canonical debian CWE-476
4.9
2018-04-24 CVE-2018-10322 NULL Pointer Dereference vulnerability in multiple products
The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.
local
low complexity
linux redhat CWE-476
4.9
2018-04-19 CVE-2017-18261 Infinite Loop vulnerability in Linux Kernel
The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace, PREEMPT_TRACER, and FUNCTION_GRAPH_TRACER.
local
low complexity
linux CWE-835
4.9
2018-04-16 CVE-2018-10124 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.
local
low complexity
linux debian canonical CWE-119
2.1