Vulnerability & Exploit Database

Displaying entries 1 - 10 of 31 in total

Results for: CVE-2018-2637 Back to search

SUSE: CVE-2018-3646: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: August 15, 2018

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.

SUSE: CVE-2018-3620: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: August 15, 2018

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

SUSE: CVE-2018-13406: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: July 06, 2018

An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.

SUSE: CVE-2018-13053: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: July 02, 2018

The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.

SUSE: CVE-2018-1000204: SUSE Linux Security Advisory Vulnerability

  • Severity: 6
  • Published: June 20, 2018

** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c...

SUSE: CVE-2018-5814: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: June 12, 2018

In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets.

SUSE: CVE-2018-12233: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: June 12, 2018

In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc c...

SUSE: CVE-2018-1130: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: May 10, 2018

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

SUSE: CVE-2018-5803: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: May 01, 2018

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

SUSE: CVE-2017-13305: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: April 04, 2018

A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.