Vulnerabilities > Linux

DATE CVE VULNERABILITY TITLE RISK
2018-03-05 CVE-2017-18218 Use After Free vulnerability in Linux Kernel
In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by leveraging differences in skb handling between hns_nic_net_xmit_hw and hns_nic_net_xmit.
local
low complexity
linux CWE-416
7.8
2018-03-05 CVE-2017-18216 NULL Pointer Dereference vulnerability in Linux Kernel
In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.
local
low complexity
linux CWE-476
5.5
2018-03-02 CVE-2018-1066 NULL Pointer Dereference vulnerability in multiple products
The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.
network
low complexity
linux debian canonical CWE-476
6.5
2018-03-02 CVE-2018-1065 NULL Pointer Dereference vulnerability in Linux Kernel
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.
local
high complexity
linux CWE-476
4.7
2018-03-01 CVE-2017-18208 Infinite Loop vulnerability in Linux Kernel
The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.
local
low complexity
linux CWE-835
5.5
2018-02-27 CVE-2017-18204 Unspecified vulnerability in Linux Kernel
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
local
low complexity
linux
5.5
2018-02-27 CVE-2017-18203 Race Condition vulnerability in Linux Kernel
The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.
local
high complexity
linux CWE-362
4.7
2018-02-27 CVE-2017-18202 Use After Free vulnerability in Linux Kernel
The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window.
local
high complexity
linux CWE-416
7.0
2018-02-26 CVE-2018-7492 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.
local
low complexity
linux debian canonical CWE-476
5.5
2018-02-26 CVE-2017-18200 Improper Input Validation vulnerability in Linux Kernel
The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim.
local
low complexity
linux CWE-20
5.5