Vulnerabilities > Linux > High

DATE CVE VULNERABILITY TITLE RISK
2018-11-06 CVE-2018-9363 Integer Overflow or Wraparound vulnerability in multiple products
In the hidp_process_report in bluetooth, there is an integer overflow.
local
low complexity
google canonical debian linux CWE-190
8.4
2018-10-30 CVE-2018-18281 Incomplete Cleanup vulnerability in multiple products
Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks.
local
low complexity
linux canonical debian CWE-459
7.8
2018-10-22 CVE-2018-18559 Use After Free vulnerability in multiple products
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket.
network
high complexity
linux redhat CWE-416
8.1
2018-10-17 CVE-2018-18445 Out-of-bounds Read vulnerability in multiple products
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.
local
low complexity
linux canonical redhat CWE-125
7.8
2018-10-07 CVE-2018-18021 Improper Input Validation vulnerability in multiple products
arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl.
local
low complexity
linux debian canonical CWE-20
7.1
2018-09-25 CVE-2018-14634 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function.
local
low complexity
linux redhat canonical netapp CWE-190
7.8
2018-09-25 CVE-2018-14633 Stack-based Buffer Overflow vulnerability in multiple products
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed.
network
high complexity
linux debian canonical redhat CWE-121
7.0
2018-09-19 CVE-2018-17182 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel through 4.18.8.
local
low complexity
linux canonical debian netapp CWE-416
7.8
2018-09-11 CVE-2018-10853 Improper Privilege Management vulnerability in multiple products
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor.
local
low complexity
canonical debian linux CWE-269
7.8
2018-09-10 CVE-2018-14625 Use After Free vulnerability in multiple products
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest.
local
high complexity
linux canonical debian CWE-416
7.0