CVE-2018-13053
- EPSS 0.51%
- Veröffentlicht 02.07.2018 12:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:18
The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.
CVE-2018-12928
- EPSS 0.4%
- Veröffentlicht 28.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:07
In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2018-12929
- EPSS 0.4%
- Veröffentlicht 28.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:08
ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.
CVE-2018-12930
- EPSS 0.43%
- Veröffentlicht 28.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:08
ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a ...
CVE-2018-12931
- EPSS 0.43%
- Veröffentlicht 28.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:08
ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs...
CVE-2016-10723
- EPSS 0.38%
- Veröffentlicht 21.06.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 02:44:35
An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the...
CVE-2018-1120
- EPSS 7.29%
- Veröffentlicht 20.06.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:13
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w...
CVE-2018-1121
- EPSS 4.19%
- Veröffentlicht 13.06.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:13
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list...
CVE-2018-5848
- EPSS 0.37%
- Veröffentlicht 12.06.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:32
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS...
- EPSS 0.38%
- Veröffentlicht 12.06.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 04:09:27
In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by s...