Vulnerabilities > Linux > High

DATE CVE VULNERABILITY TITLE RISK
2018-08-17 CVE-2018-15471 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products.
local
low complexity
xen linux canonical CWE-125
7.8
7.8
2018-08-06 CVE-2018-5390 Resource Exhaustion vulnerability in multiple products
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. 		7.5
7.5
2018-07-30 CVE-2017-7518 Improper Handling of Exceptional Conditions vulnerability in multiple products
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack.
local
low complexity
redhat debian canonical linux CWE-755
7.8
7.8
2018-07-30 CVE-2017-7482 Integer Overflow or Wraparound vulnerability in multiple products
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field.
local
low complexity
linux debian redhat CWE-190
7.8
7.8
2018-07-29 CVE-2018-14734 Use After Free vulnerability in multiple products
drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).
local
low complexity
linux canonical debian CWE-416
7.8
7.8
2018-07-28 CVE-2018-14678 Improper Initialization vulnerability in multiple products
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x.
local
low complexity
linux xen debian canonical CWE-665
7.8
7.8
2018-07-27 CVE-2017-2634 It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions.
network
low complexity
linux redhat
7.5
7.5
2018-07-26 CVE-2018-10879 A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
canonical linux debian redhat
7.8
7.8
2018-07-26 CVE-2018-10878 A flaw was found in the Linux kernel's ext4 filesystem.
local
low complexity
canonical linux debian redhat
7.8
7.8
2018-07-26 CVE-2018-10901 A flaw was found in Linux kernel's KVM virtualization subsystem.
local
low complexity
linux redhat
7.8
7.8