VYPR

Kernel

by Linux

CVEs (15,817)

  • CVE-2018-13100 | Med | Jul 3, 2018
    risk 0.00 | cvss 5.5 | epss 0.02

    An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error.

  • CVE-2018-13099 | Med | Jul 3, 2018
    risk 0.00 | cvss 5.5 | epss 0.03

    An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.

  • CVE-2018-13098 | Med | Jul 3, 2018
    risk 0.00 | cvss 5.5 | epss 0.01

    An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.

  • CVE-2018-13097 | Med | Jul 3, 2018
    risk 0.00 | cvss 5.5 | epss 0.02

    An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service (BUG).

  • CVE-2018-13096 | Med | Jul 3, 2018
    risk 0.00 | cvss 5.5 | epss 0.03

    An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.

  • CVE-2018-13095 | Med | Jul 3, 2018
    risk 0.00 | cvss 5.5 | epss 0.02

    An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.

  • CVE-2018-13094 | Med | Jul 3, 2018
    risk 0.00 | cvss 5.5 | epss 0.02

    An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.

  • CVE-2018-12896 | Med | Jul 2, 2018
    risk 0.00 | cvss 5.5 | epss 0.01

    An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the…

  • CVE-2018-13053 | Low | Jul 2, 2018
    risk 0.00 | cvss 3.3 | epss 0.01

    The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.

  • CVE-2018-1000204 | Med | Jun 26, 2018
    risk 0.00 | cvss 5.3 | epss 0.02

    Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in…

  • CVE-2018-5814 | High | Jun 12, 2018
    risk 0.00 | cvss 7.0 | epss 0.00

    In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP…

  • CVE-2018-5803 | Med | Jun 12, 2018
    risk 0.00 | cvss 5.5 | epss 0.01

    In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

  • CVE-2018-1000200 | Med | Jun 5, 2018
    risk 0.00 | cvss 5.5 | epss 0.00

    The Linux Kernel versions 4.14, 4.15, and 4.16 have a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for…

  • CVE-2018-11506 | High | May 28, 2018
    risk 0.00 | cvss 7.8 | epss 0.00

    The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the…

  • CVE-2017-18270 | High | May 18, 2018
    risk 0.00 | cvss 7.1 | epss 0.00

    In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service.

  • CVE-2018-1130 | Med | May 10, 2018
    risk 0.00 | cvss 5.5 | epss 0.01

    Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in the dccp_write_xmit() function in net/dccp/output.c that allows a local user to cause a denial of service by a number of certain crafted system calls.

  • CVE-2018-10675 | High | May 2, 2018
    risk 0.00 | cvss 7.8 | epss 0.00

    The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

  • CVE-2017-18261 | Med | Apr 19, 2018
    risk 0.00 | cvss 5.5 | epss 0.00

    The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario…

  • CVE-2018-10124 | Med | Apr 16, 2018
    risk 0.00 | cvss 5.5 | epss 0.01

    The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.

  • CVE-2018-10087 | Med | Apr 13, 2018
    risk 0.00 | cvss 5.5 | epss 0.00

    The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.
