Linux

Linux Kernel

14023 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2018-1095

Exploit
  • EPSS 0.15%
  • Veröffentlicht 02.04.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:10

The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of ser...

7.8

CVE-2017-18255

  • EPSS 0.11%
  • Veröffentlicht 31.03.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:41

The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by ...

7.8

CVE-2018-7566

  • EPSS 0.05%
  • Veröffentlicht 30.03.2018 21:29:02
  • Zuletzt bearbeitet 21.11.2024 04:12:22

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

5.5

CVE-2018-1091

  • EPSS 0.08%
  • Veröffentlicht 27.03.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:09

In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check an...

7

CVE-2017-18249

  • EPSS 0.06%
  • Veröffentlicht 26.03.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:40

The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent thre...

5.5

CVE-2017-18241

  • EPSS 0.09%
  • Veröffentlicht 21.03.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:39

fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.

7.8

CVE-2018-8822

  • EPSS 0.05%
  • Veröffentlicht 20.03.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:23

Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicio...

7.2

CVE-2018-1068

  • EPSS 0.04%
  • Veröffentlicht 16.03.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:06

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

5.5

CVE-2017-18232

  • EPSS 0.09%
  • Veröffentlicht 15.03.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:38

The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.

5.5

CVE-2018-8087

  • EPSS 0.04%
  • Veröffentlicht 13.03.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:13:14

Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.