6 matches found
CVE-2018-7757
The CVE-2018-7757 issue affects the Linux kernel (up to version 4.15.7) and is caused by a memory leak in the sas_smp_get_phy_events function located at drivers/scsi/libsas/sas_expander.c. The vulnerability can lead to a denial of service due to memory consumption when a local attacker performs m...
CVE-2018-7740
CVE-2018-7740 affects the Linux kernel, where the resv_map_release function in mm/hugetlb.c up to version 4.15.7 is vulnerable. A local attacker can cause a denial of service by crafting an app that uses mmap and a large pgoff with remap_file_pages, triggering a BUG. The connected Nessus reports ...
CVE-2018-7755
CVE-2018-7755 affects the Linux kernel floppy driver: the fd_locked_ioctl path in drivers/block/floppy.c copies a kernel pointer to user memory in response to FDGETPRM, enabling a local attacker with floppy access to discover kernel code/data locations and bypass KASLR. The issue is in kernel ver...
CVE-2018-7995
CVE-2018-7995 describes a race condition in Linux kernel’s store_int_with_restart() (arch/x86/kernel/cpu/mcheck/mce.c) up to version 4.15.7. This flaw lets a local attacker with root access to write to /sys/devices/system/machinecheck/machinecheck/check_interval and trigger a denial of service/pa...
CVE-2018-1065
The CVE-2018-1065 entry affects the Linux kernel netfilter subsystem up to version 4.15.7. A rule blob containing a jump without a user-defined chain can be exploited by local users with CAP_NET_RAW or CAP_NET_ADMIN to trigger a NULL pointer dereference, causing denial of service. Affected code p...
CVE-2018-1000028
CVE-2018-1000028 is a Linux kernel vulnerability affecting kernels released after commit bdcf0a423ea1 (examples: 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+). It describes an Incorrect Access Control flaw in the NFS server (nfsd) that can let remote attackers read or write files they should not access ...