CVE-2018-0397

A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service DoS condition. The vulnerability exists if the affected software is...

Race condition

A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service DoS condition. The vulnerability exists if the affected software is...

CVE-2018-0397

A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service DoS condition. The vulnerability exists if the affected software is...

Null pointer dereference

An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfspluslookup in fs/hfsplus/dir.c when opening a file that is purportedly a hard link in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata...

CVE-2018-14617

An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfspluslookup in fs/hfsplus/dir.c when opening a file that is purportedly a hard link in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata...

CVE-2018-14617

CVE-2018-14617 affects the Linux kernel up to 4.17.10. A NULL pointer dereference and panic occur in hfsplus_lookup() when opening a file in an HFS+ filesystem with malformed catalog data mounted read-only without a metadata directory, potentially causing a kernel panic. Connected Nessus entry co...

CVE-2018-14617

An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfspluslookup in fs/hfsplus/dir.c when opening a file that is purportedly a hard link in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata...

Possible double free during unwinding in SmallVec::insert_many

If an iterator passed to SmallVec::insertmany panicked in Iterator::next, destructors were run during unwinding while the vector was in an inconsistent state, possibly causing a double free a destructor running on two copies of the same value. This is fixed in smallvec 0.6.3 by ensuring that the...

kernel: Divide-by-zero in __tcp_select_window

A divide-by-zero vulnerability was found in the tcpselectwindow function in the Linux kernel. This can result in a kernel panic causing a local denial of service...

Open redirect

In Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05, kernel panic may happen due to out-of-bound read, caused by not checking source buffer length against length of packet stream to be copied...

CVE-2018-5896

CVE-2018-5896 affects Android CAF builds using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) prior to the 2018-06-05 security patch level. The issue is a kernel panic caused by an out-of-bounds read from not checking the source buffer length against the packet stream length ...

CVE-2018-5896

In Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05, kernel panic may happen due to out-of-bound read, caused by not checking source buffer length against length of packet stream to be copied...

CVE-2018-13093

An issue was discovered in the XFS filesystem in fs/xfs/xfsicache.c in the Linux kernel. There is a NULL pointer dereference leading to a system panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that...

CVE-2018-13093

An issue was discovered in fs/xfs/xfsicache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free...

CVE-2018-13093

An issue was discovered in fs/xfs/xfsicache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free...

CVE-2018-13093

An issue was discovered in fs/xfs/xfsicache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookupslow on a NULL inode-iops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free...

CVE-2018-13093

CVE-2018-13093 relates to a NULL pointer dereference in Linux kernel fs/xfs/xfs_icache.c during pathwalks on a corrupted XFS image, caused by missing validation that cached inodes are freed during allocation. Impact: potential crash/DoS. Remediation: Debian LTS advisory DLA-2114-1 lists this CVE ...

Double free

ntfsreadlockedinode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service kernel oops or panic via a crafted ntfs filesystem...

DEBIAN-CVE-2018-12931

ntfsattrfind in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service kernel oops or panic or possibly have unspecified other impact via a crafted ntfs filesystem...

CVE-2018-12929

ntfsreadlockedinode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service kernel oops or panic via a crafted ntfs filesystem...