Linux Kernel Security Vulnerabilities and Issues — Linux Kernel CVE List

Lucene search

LinuxLinux Kernel

15 matches found

CVE•added 2018/06/12 4:29 p.m.•352 views

CVE-2018-5803

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

5.5CVSS6.3AI score0.0006EPSS

CVE•added 2018/06/26 2:29 p.m.•323 views

CVE-2018-1000204

Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599a...

6.3CVSS6AI score0.00134EPSS

CVE•added 2018/06/20 1:29 p.m.•322 views

CVE-2018-1120

A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call ...

5.3CVSS6.3AI score0.00986EPSS

CVE•added 2018/06/12 4:29 p.m.•231 views

CVE-2018-5814

In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets.

7CVSS6AI score0.00029EPSS

CVE•added 2018/06/12 12:29 p.m.•160 views

CVE-2018-12232

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows ...

7.1CVSS7.1AI score0.03298EPSS

CVE•added 2018/06/12 12:29 p.m.•159 views

CVE-2018-12233

In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create...

7.8CVSS7.3AI score0.00074EPSS

CVE•added 2018/06/05 1:29 p.m.•103 views

CVE-2018-1000200

The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can ...

5.5CVSS6.2AI score0.00084EPSS

CVE•added 2018/06/28 2:29 p.m.•98 views

CVE-2018-12928

In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.

5.5CVSS6.1AI score0.0012EPSS

CVE•added 2018/06/28 2:29 p.m.•80 views

CVE-2018-12930

ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

7.8CVSS7.8AI score0.00113EPSS

CVE•added 2018/06/28 2:29 p.m.•78 views

CVE-2018-12929

ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.

5.5CVSS5.8AI score0.0012EPSS

CVE•added 2018/06/27 11:29 a.m.•77 views

CVE-2018-12904

In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.

4.9CVSS5.5AI score0.00182EPSS

CVE•added 2018/06/22 12:29 a.m.•74 views

CVE-2018-12633

An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables ...

6.3CVSS7AI score0.00025EPSS

CVE•added 2018/06/21 1:29 p.m.•71 views

CVE-2016-10723

An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via concurrent page fault ...

5.5CVSS5.6AI score0.00106EPSS

CVE•added 2018/06/28 2:29 p.m.•68 views

CVE-2018-12931

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

7.8CVSS7.8AI score0.00113EPSS

CVE•added 2018/06/24 11:29 p.m.•62 views

CVE-2018-12714

An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial ...

10CVSS9.5AI score0.01204EPSS