Vulnerabilities > Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-29 | CVE-2017-18079 | NULL Pointer Dereference vulnerability in multiple products drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated. | 7.8 |
| 2018-01-24 | CVE-2017-18075 | Release of Invalid Pointer or Reference vulnerability in multiple products crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. | 7.8 |
| 2018-01-23 | CVE-2015-1142857 | 7PK - Security Features vulnerability in multiple products On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. | 8.6 |
| 2018-01-14 | CVE-2017-15126 | Unspecified vulnerability in Linux Kernel A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. | 8.1 |
| 2018-01-12 | CVE-2018-5344 | Use After Free vulnerability in multiple products In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact. | 7.8 |
| 2018-01-11 | CVE-2018-5332 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c). | 7.8 |
| 2017-12-27 | CVE-2017-17863 | Integer Overflow or Wraparound vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact. | 7.8 |
| 2017-12-27 | CVE-2017-17857 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations. | 7.8 |
| 2017-12-27 | CVE-2017-17856 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement. | 7.8 |
| 2017-12-27 | CVE-2017-17855 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars. | 7.8 |