Vulnerability & Exploit Database

Displaying all 8 entries

Results for: CVE-2018-0641 Back to search

Huawei EulerOS: CVE-2018-10902: kernel security update Vulnerability

  • Severity: 5
  • Published: August 21, 2018

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.

Huawei EulerOS: CVE-2018-10902: kernel security update Vulnerability

  • Severity: 5
  • Published: August 21, 2018

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.

Debian: CVE-2018-10902: linux, linux-4.9 -- security update Vulnerability

  • Severity: 5
  • Published: August 21, 2018

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.

Huawei EulerOS: CVE-2018-5803: kernel security update Vulnerability

  • Severity: 5
  • Published: June 12, 2018

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

Debian: CVE-2018-5803: linux -- security update Vulnerability

  • Severity: 5
  • Published: May 01, 2018

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.