CVE-2018-20169
- EPSS 0.59%
- Veröffentlicht 17.12.2018 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:01:00
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
CVE-2018-9517
- EPSS 0.42%
- Veröffentlicht 07.12.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 04:15:37
In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: A...
CVE-2018-9516
- EPSS 0.42%
- Veröffentlicht 06.11.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:15:37
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for e...
CVE-2018-9422
- EPSS 0.22%
- Veröffentlicht 06.11.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:15:26
In get_futex_key of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android...
CVE-2018-17977
- EPSS 0.38%
- Veröffentlicht 08.10.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:19
The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to e...
CVE-2018-18021
- EPSS 0.57%
- Veröffentlicht 07.10.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:23
arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of ...
CVE-2018-10853
- EPSS 0.47%
- Veröffentlicht 11.09.2018 14:29:01
- Zuletzt bearbeitet 21.11.2024 03:42:08
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process co...
CVE-2018-7754
- EPSS 0.38%
- Veröffentlicht 10.08.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 04:12:40
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.
CVE-2018-5953
- EPSS 0.4%
- Veröffentlicht 07.08.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:44
The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.
CVE-2018-5995
- EPSS 0.41%
- Veröffentlicht 07.08.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:50
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.