Max CVSS | 7.2 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-15129 | 4.9 |
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in ne
|
08-02-2024 - 02:07 | 09-01-2018 - 19:29 | |
CVE-2018-1000026 | 6.8 |
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear
|
03-10-2023 - 15:39 | 09-02-2018 - 23:29 | |
CVE-2018-5332 | 7.2 |
In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
|
24-02-2023 - 18:43 | 11-01-2018 - 07:29 | |
CVE-2017-17806 | 7.2 |
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HAS
|
19-01-2023 - 16:26 | 20-12-2017 - 23:29 | |
CVE-2017-17805 | 7.2 |
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service
|
19-01-2023 - 15:45 | 20-12-2017 - 23:29 | |
CVE-2018-5344 | 4.6 |
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
|
24-08-2020 - 17:37 | 12-01-2018 - 09:29 | |
CVE-2017-0861 | 4.6 |
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
|
15-07-2020 - 03:15 | 16-11-2017 - 23:29 | |
CVE-2018-5333 | 4.9 |
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
|
22-01-2020 - 19:15 | 11-01-2018 - 07:29 | |
CVE-2017-17450 | 4.6 |
net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data s
|
03-10-2019 - 00:03 | 07-12-2017 - 00:29 | |
CVE-2017-17807 | 2.1 |
The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the request_key() system call, allowing a local user to use a sequence of crafted system ca
|
03-10-2019 - 00:03 | 20-12-2017 - 23:29 | |
CVE-2017-17448 | 4.6 |
net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data
|
03-10-2019 - 00:03 | 07-12-2017 - 00:29 | |
CVE-2017-1000407 | 6.1 |
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
|
14-05-2019 - 22:29 | 11-12-2017 - 21:29 | |
CVE-2018-8043 | 2.1 |
The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).
|
04-03-2019 - 19:11 | 10-03-2018 - 22:29 | |
CVE-2017-17741 | 2.1 |
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
|
25-04-2018 - 01:29 | 18-12-2017 - 08:29 | |
CVE-2017-16994 | 2.1 |
The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system c
|
25-04-2018 - 01:29 | 27-11-2017 - 19:29 |