Vulnerabilities > Linux > Linux Kernel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-29 | CVE-2018-18710 | Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel through 4.19. | 5.5 |
| 2018-10-26 | CVE-2018-18690 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form. | 5.5 |
| 2018-10-08 | CVE-2018-14656 | Unspecified vulnerability in Linux Kernel A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log. | 5.5 |
| 2018-10-08 | CVE-2018-17977 | Resource Exhaustion vulnerability in Linux Kernel 4.14.67 The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7. | 4.4 |
| 2018-10-03 | CVE-2018-17972 | Race Condition vulnerability in multiple products An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. | 5.5 |
| 2018-09-21 | CVE-2018-16597 | Incorrect Authorization vulnerability in multiple products An issue was discovered in the Linux kernel before 4.8. | 5.5 |
| 2018-09-18 | CVE-2018-14641 | Improper Input Validation vulnerability in Linux Kernel 4.19 A security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ip_do_fragment(). | 5.9 |
| 2018-09-07 | CVE-2018-16658 | Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel before 4.18.6. | 6.1 |
| 2018-09-04 | CVE-2018-6554 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. | 5.5 |
| 2018-08-27 | CVE-2018-10938 | Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. | 5.9 |