Lucene search
K
LinuxLinux Kernel3.18.1

15 matches found

CVE
CVE
added 2014/12/17 11:0 a.m.176 views

CVE-2014-8133

CVE-2014-8133 affects the Linux kernel TLS implementation (arch/x86/kernel/tls.c) up to version 3.18.1. A local attacker can exploit a crafted application that uses set_thread_area and subsequently reads a 16‑bit value to bypass the espfix protection and, in turn, bypass ASLR. The description con...

2.1CVSS4.8AI score0.00583EPSS
CVE
CVE
added 2014/12/26 12:0 a.m.171 views

CVE-2014-9419

CVE-2014-9419 affects the Linux kernel (arch/x86/kernel/process_64.c) up to version 3.18.1. The issue fails to ensure TLS descriptors are loaded before proceeding with other steps, enabling a local attacker to bypass ASLR by crafting an application that reads a TLS base address. Connected advisor...

2.1CVSS4.7AI score0.00436EPSS
CVE
CVE
added 2015/03/03 11:0 a.m.139 views

CVE-2014-9683

CVE-2014-9683 describes an off-by-one error in the Linux kernel’s eCryptfs path: ecryptfs_decode_from_filename in fs/ecryptfs/crypto.c (pre-3.18.2). A crafted filename can cause a buffer overflow, leading to a denial of service and, potentially, local privilege escalation. The vulnerability is lo...

3.6CVSS5.2AI score0.00447EPSS
CVE
CVE
added 2014/12/26 12:0 a.m.136 views

CVE-2014-9420

CVE-2014-9420 affects the Linux kernel iso9660 isofs rock.c: rock_continue does not bound the number of Rock Ridge continuation entries, allowing a local attacker crafting an ISO image to trigger an infinite loop and cause DoS (system hang/crash) on kernels up to 3.18.1. Public advisories from Ce...

4.9CVSS4.7AI score0.00455EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.124 views

CVE-2014-9731

The CVE-2014-9731 entry concerns the Linux kernel’s UDF filesystem (CONFIG_UDF_FS) for versions before 3.18.2. The vulnerability arises because the UDF symlink path length validation may not accommodate space for storing a symlink target’s name plus a trailing NUL, enabling a local attacker to ob...

2.1CVSS5.4AI score0.00424EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.117 views

CVE-2014-9728

CVE-2014-9728 concerns the Linux kernel UDF filesystem before 3.18.2, where missing validation of certain lengths in fs/udf/inode.c and fs/udf/symlink.c can enable a local attacker to trigger a denial of service via a crafted UDF image, potentially causing a buffer over-read and system crash. The...

4.9CVSS5.4AI score0.00451EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.114 views

CVE-2014-9729

CVE-2014-9729 affects the Linux kernel’s UDF filesystem implementation (fs/udf/inode.c: udf_read_inode). The issue is the function’s failure to ensure data-structure size consistency, enabling a local attacker to crash the system via a crafted UDF image. The vulnerability exists in kernel version...

4.9CVSS5.3AI score0.00406EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.113 views

CVE-2014-9730

CVE-2014-9730 affects the Linux kernel’s UDF support. The function udf_pc_to_char in fs/udf/symlink.c relies on unused component lengths, enabling a local attacker to trigger a denial of service (system crash) by mounting a crafted UDF image. The vulnerability is fixed in kernel 3.18.2 (see Chang...

4.9CVSS5.3AI score0.00407EPSS
CVE
CVE
added 2014/12/24 3:0 p.m.98 views

CVE-2014-4322

CVE-2014-4322 affects the Linux kernel 3.x QSEECOM driver. The qseecom.c ioctl logic does not validate certain offset, length, and base values, enabling a crafted application to escalate privileges or trigger memory corruption. Affected component: drivers/misc/qseecom.c in the QSEECOM driver used...

7.2CVSS7.2AI score0.02038EPSS
Web
CVE
CVE
added 2026/01/25 2:36 p.m.34 views

CVE-2026-23001

CVE-2026-23001 – Linux kernel macvlan UAF fix Multiple connected advisories reference this CVE as a fix in the macvlan subsystem. The vulnerability is described as a use-after-free (UAF) in macvlan_forward_source(), with the fix adding RC (read-copy-update) protection on (struct macvlan_source_en...

7.8CVSS5.2AI score0.00188EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.27 views

CVE-2026-31516

The CVE-2026-31516 relates to the Linux kernel XFRM subsystem. A race occurs during net namespace teardown when a work item (policy_hthresh.work) queued by XFRM_MSG_NEWSPDINFO may run after the netns is freed, allowing xfrm_hash_rebuild() to dereference a freed struct net (potential use-after-fre...

7.8CVSS5.6AI score0.00099EPSS
CVE
CVE
added 2026/05/06 11:29 a.m.24 views

CVE-2026-43281

CVE-2026-43281 affects the Linux kernel mailbox subsystem. The flaw is an out-of-bounds access in fw_mbox_index_xlate() that can occur when #mbox-cells is

7.1CVSS5.7AI score0.00119EPSS
CVE
CVE
added 2026/01/13 3:34 p.m.22 views

CVE-2025-71093

Technical details for CVE-2025-71093 are not provided in the connected documents. The Initial Description mentions an OOB read in e1000_tbi_should_accept() and a fix. Monitor for updates.

7.1CVSS6AI score0.00117EPSS
CVE
CVE
added 2026/04/03 3:15 p.m.13 views

CVE-2026-23439

The CVE-2026-23439 entry describes a Linux kernel issue in udp_tunnel where, if CONFIG_IPV6 is disabled, udp_sock_create6() can return success without creating a socket. This leads to a NULL pointer dereference when callers like fou_create() dereference the uninitialized socket pointer, causing a...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/06/26 7:40 p.m.13 views

CVE-2026-53295

The CVE-2026-53295 entry covers a Linux kernel vulnerability in the mailbox subsystem: a missing sanity check for the mailbox channel array can lead to a dereference and an OOPS if no channel array is attached. The publicly provided connected sources confirm a patch/fix was applied in kernels and...

5.5CVSS5.8AI score0.00177EPSS