Vulnerabilities > Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-26 | CVE-2018-7492 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST. | 5.5 |
| 2018-02-26 | CVE-2017-18200 | Improper Input Validation vulnerability in Linux Kernel The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim. | 5.5 |
| 2018-02-22 | CVE-2017-18193 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads. | 5.5 |
| 2018-02-21 | CVE-2018-7273 | Information Exposure vulnerability in Linux Kernel In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. | 5.5 |
| 2018-02-09 | CVE-2014-8171 | Resource Management Errors vulnerability in multiple products The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup. | 5.5 |
| 2018-01-31 | CVE-2017-16914 | NULL Pointer Dereference vulnerability in Linux Kernel The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet. | 5.9 |
| 2018-01-31 | CVE-2017-16913 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet. | 5.9 |
| 2018-01-31 | CVE-2017-16912 | Out-of-bounds Read vulnerability in Linux Kernel The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet. | 5.9 |
| 2018-01-31 | CVE-2017-16911 | Information Exposure vulnerability in Linux Kernel The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. | 4.7 |
| 2018-01-26 | CVE-2018-5750 | Information Exposure vulnerability in multiple products The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call. | 5.5 |