High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-28	CVE-2018-14678	Improper Initialization vulnerability in multiple products An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. local low complexity linux xen debian canonical CWE-665	7.8
2018-07-27	CVE-2017-2634	NULL Pointer Dereference vulnerability in multiple products It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. network low complexity linux redhat CWE-476	7.5
2018-07-26	CVE-2018-10879	Use After Free vulnerability in multiple products A flaw was found in the Linux kernel's ext4 filesystem. local low complexity canonical linux debian redhat CWE-416	7.8
2018-07-26	CVE-2018-10878	A flaw was found in the Linux kernel's ext4 filesystem. local low complexity canonical linux debian redhat	7.8
2018-07-26	CVE-2018-10901	A flaw was found in Linux kernel's KVM virtualization subsystem. local low complexity linux redhat	7.8
2018-07-26	CVE-2017-7558	Out-of-bounds Read vulnerability in multiple products A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. network low complexity linux debian CWE-125	7.5
2018-07-06	CVE-2018-5873	Use After Free vulnerability in multiple products An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. local high complexity google linux CWE-416	7.0
2018-07-06	CVE-2018-13406	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. local low complexity linux canonical debian CWE-190	7.8
2018-07-06	CVE-2018-13405	Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. local low complexity linux debian canonical fedoraproject redhat f5 CWE-269	7.8
2018-06-28	CVE-2018-12931	Out-of-bounds Write vulnerability in multiple products ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. local low complexity linux canonical CWE-787	7.8