Linux

Linux Kernel

12164 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2018-1094

Exploit
  • EPSS 0.27%
  • Published 02.04.2018 03:29:00
  • Last modified 21.11.2024 03:59:10

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system ...

7.1

CVE-2018-1095

Exploit
  • EPSS 0.15%
  • Published 02.04.2018 03:29:00
  • Last modified 21.11.2024 03:59:10

The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of ser...

7.8

CVE-2017-18255

  • EPSS 0.11%
  • Published 31.03.2018 17:29:00
  • Last modified 21.11.2024 03:19:41

The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by ...

7.8

CVE-2018-7566

  • EPSS 0.13%
  • Published 30.03.2018 21:29:02
  • Last modified 21.11.2024 04:12:22

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

5.5

CVE-2018-1091

  • EPSS 0.05%
  • Published 27.03.2018 21:29:00
  • Last modified 21.11.2024 03:59:09

In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check an...

7

CVE-2017-18249

  • EPSS 0.07%
  • Published 26.03.2018 20:29:00
  • Last modified 21.11.2024 03:19:40

The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent thre...

5.5

CVE-2017-18241

  • EPSS 0.09%
  • Published 21.03.2018 16:29:00
  • Last modified 21.11.2024 03:19:39

fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.

7.8

CVE-2018-8822

  • EPSS 0.03%
  • Published 20.03.2018 17:29:00
  • Last modified 21.11.2024 04:14:23

Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicio...

7.2

CVE-2018-1068

  • EPSS 0.04%
  • Published 16.03.2018 16:29:00
  • Last modified 21.11.2024 03:59:06

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

5.5

CVE-2017-18232

  • EPSS 0.08%
  • Published 15.03.2018 04:29:00
  • Last modified 21.11.2024 03:19:38

The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.