Vulnerabilities > Linux > Linux Kernel > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-08-20 CVE-2018-15594 Information Exposure vulnerability in multiple products
arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.
local
low complexity
debian canonical linux CWE-200
5.5
5.5
2018-08-20 CVE-2018-15572 The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.
local
low complexity
debian canonical linux
6.5
6.5
2018-08-10 CVE-2018-7754 Information Exposure Through Log Files vulnerability in Linux Kernel
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.
local
low complexity
linux CWE-532
5.5
5.5
2018-08-07 CVE-2018-5995 Information Exposure vulnerability in Linux Kernel
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.
local
low complexity
linux CWE-200
5.5
5.5
2018-08-07 CVE-2018-5953 Information Exposure vulnerability in multiple products
The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.
local
low complexity
linux debian CWE-200
5.5
5.5
2018-07-30 CVE-2018-10883 A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
debian linux canonical redhat
5.5
5.5
2018-07-27 CVE-2017-2618 A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10.
local
low complexity
linux redhat debian
5.5
5.5
2018-07-27 CVE-2018-10882 A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
linux debian canonical redhat
5.5
5.5
2018-07-27 CVE-2018-14617 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel through 4.17.10.
local
low complexity
linux debian canonical CWE-476
5.5
5.5
2018-07-27 CVE-2018-14616 NULL Pointer Dereference vulnerability in Linux Kernel
An issue was discovered in the Linux kernel through 4.17.10.
local
low complexity
linux CWE-476
5.5
5.5