Vulnerabilities > Linux > Linux Kernel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-30 | CVE-2017-17975 | Use After Free vulnerability in Linux Kernel Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure. | 5.5 |
| 2017-12-29 | CVE-2016-3695 | Injection vulnerability in multiple products The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set. | 5.5 |
| 2017-12-27 | CVE-2017-17862 | Improper Input Validation vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. | 5.5 |
| 2017-12-18 | CVE-2017-17741 | Out-of-bounds Read vulnerability in multiple products The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h. | 6.5 |
| 2017-12-12 | CVE-2017-17558 | Out-of-bounds Write vulnerability in multiple products The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources, which allows local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device. | 6.6 |
| 2017-12-07 | CVE-2017-17449 | Information Exposure vulnerability in Linux Kernel The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system. | 4.7 |
| 2017-11-30 | CVE-2017-15116 | NULL Pointer Dereference vulnerability in multiple products The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference). | 5.5 |
| 2017-11-27 | CVE-2017-16994 | Information Exposure vulnerability in Linux Kernel The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call. | 5.5 |
| 2017-11-22 | CVE-2017-12193 | NULL Pointer Dereference vulnerability in Linux Kernel The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations. | 5.5 |
| 2017-11-22 | CVE-2017-12190 | Resource Exhaustion vulnerability in Linux Kernel The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. | 6.5 |