Vulnerabilities > Linux > Linux Kernel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-26 | CVE-2017-7558 | A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. | 7.5 |
| 2018-07-25 | CVE-2018-10880 | Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). | 5.5 |
| 2018-07-18 | CVE-2018-10877 | Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. | 6.5 |
| 2018-07-16 | CVE-2018-10840 | Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. | 6.6 |
| 2018-07-11 | CVE-2016-9604 | Improper Verification of Cryptographic Signature vulnerability in Linux Kernel It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. | 4.4 |
| 2018-07-06 | CVE-2018-5873 | Use After Free vulnerability in multiple products An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. | 7.0 |
| 2018-07-06 | CVE-2018-13406 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. | 7.8 |
| 2018-07-06 | CVE-2018-13405 | Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. | 7.8 |
| 2018-07-03 | CVE-2018-13100 | Divide By Zero vulnerability in multiple products An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error. | 5.5 |
| 2018-07-03 | CVE-2018-13099 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. | 5.5 |