Vulnerability & Exploit Database

Displaying all 9 entries

Results for: CVE-2018-0482 Back to search

SUSE: CVE-2018-1000004: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: January 16, 2018

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

SUSE: CVE-2018-5333: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: January 11, 2018

In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.

SUSE: CVE-2018-5332: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: January 11, 2018

In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

SUSE: CVE-2017-15129: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: January 09, 2018

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability co...

SUSE: CVE-2017-5715: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: January 04, 2018

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

SUSE: CVE-2017-18017: SUSE Linux Security Advisory Vulnerability

  • Severity: 10
  • Published: January 03, 2018

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

SUSE: CVE-2017-17864: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: December 27, 2017

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."

SUSE: CVE-2017-17862: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: December 27, 2017

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.

SUSE: CVE-2017-17712: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: December 15, 2017

The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.