Linux Kernel@4.15 Security Vulnerabilities and Issues — Linux Kernel@4.15 CVE List

Lucene search

LinuxLinux Kernel4.15

10 matches found

CVE•added 2018/11/26 7:29 p.m.•260 views

CVE-2018-14646

The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of serv...

5.5CVSS5.3AI score0.00043EPSS

CVE•added 2018/03/30 9:29 p.m.•256 views

CVE-2018-7566

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

7.8CVSS6.9AI score0.00034EPSS

CVE•added 2018/01/09 7:29 p.m.•241 views

CVE-2017-15129

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and ...

4.9CVSS6.1AI score0.00069EPSS

CVE•added 2018/08/30 12:29 p.m.•107 views

CVE-2018-14619

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user bei...

7.8CVSS7.5AI score0.00118EPSS

CVE•added 2018/06/28 2:29 p.m.•98 views

CVE-2018-12928

In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.

5.5CVSS6.1AI score0.0012EPSS

CVE•added 2018/06/05 1:29 p.m.•97 views

CVE-2018-1000200

The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can ...

5.5CVSS6.2AI score0.00084EPSS

CVE•added 2018/06/28 2:29 p.m.•77 views

CVE-2018-12930

ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

7.8CVSS7.8AI score0.00113EPSS

CVE•added 2018/06/28 2:29 p.m.•76 views

CVE-2018-12929

ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.

5.5CVSS5.8AI score0.0012EPSS

CVE•added 2018/02/09 11:29 p.m.•73 views

CVE-2018-1000028

Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or writing files they should not be able to via NFS. This attack appear to be exploitable via NFS ser...

7.4CVSS7.2AI score0.00308EPSS

CVE•added 2018/06/28 2:29 p.m.•66 views

CVE-2018-12931

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

7.8CVSS7.8AI score0.00113EPSS