Vulnerabilities > Linux > Linux Kernel
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-13 | CVE-2018-10087 | Improper Input Validation vulnerability in multiple products The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value. | 5.5 |
| 2018-04-12 | CVE-2018-10074 | NULL Pointer Dereference vulnerability in Linux Kernel The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service (NULL pointer dereference) by triggering a failure of resource retrieval. | 5.5 |
| 2018-04-11 | CVE-2018-10021 | Unspecified vulnerability in Linux Kernel drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. | 5.5 |
| 2018-04-04 | CVE-2017-18257 | Integer Overflow or Wraparound vulnerability in multiple products The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. | 5.5 |
| 2018-04-02 | CVE-2018-1095 | NULL Pointer Dereference vulnerability in Linux Kernel The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of service (get_acl NULL pointer dereference and system crash) via a crafted ext4 image. | 5.5 |
| 2018-04-02 | CVE-2018-1094 | NULL Pointer Dereference vulnerability in multiple products The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image. | 5.5 |
| 2018-04-02 | CVE-2018-1093 | Out-of-bounds Read vulnerability in Linux Kernel The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers. | 5.5 |
| 2018-04-02 | CVE-2018-1092 | NULL Pointer Dereference vulnerability in Linux Kernel The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image. | 5.5 |
| 2018-03-31 | CVE-2017-18255 | Integer Overflow or Wraparound vulnerability in Linux Kernel The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation. | 7.8 |
| 2018-03-30 | CVE-2018-7566 | Race Condition vulnerability in multiple products The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. | 7.8 |