linux

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description The Linux kernel and modules
Version 4.18.16.arch1-1 [testing]
4.18.14.arch1-1 [core]

Open

Group Affected Fixed Severity Status Ticket
AVG-760 4.18.arch1-1 High Vulnerable
AVG-756 4.17.14.arch1-1 High Vulnerable
AVG-701 4.16.9-1 Medium Vulnerable
AVG-682 4.16.8-1 High Vulnerable
AVG-553 4.14.11-1 High Vulnerable
Issue Group Severity Remote Type Description
CVE-2018-8897 AVG-682 High No Denial of service
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of...
CVE-2018-5391 AVG-760 High Yes Denial of service
A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this...
CVE-2018-3646 AVG-756 High No Information disclosure
Systems with microprocessors utilising speculative execution and address translations may allow unauthorised disclosure of information residing in the L1...
CVE-2018-3620 AVG-756 High No Information disclosure
Systems with microprocessors utilising speculative execution and address translations may allow unauthorised disclosure of information residing in the L1...
CVE-2018-3615 AVG-756 High No Information disclosure
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of...
CVE-2018-1121 AVG-701 Low No Content spoofing
A security issue has been found in Linux <= 4.16.9, where an unprivileged attacker can hide a process from procps-ng's utilities by exploiting either a...
CVE-2018-1120 AVG-701 Medium No Denial of service
A denial of service has been found in Linux <= 4.16.9. An attacker can block any read() access to /proc/PID/cmdline by mmap()ing a FUSE file (Filesystem in...
CVE-2017-5753 AVG-553 High Yes Access restriction bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used...
CVE-2017-5715 AVG-553 High No Access restriction bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-784 4.18.12.arch1-1 4.18.13.arch1-1 Low Fixed
AVG-771 4.18.8.arch1-1 4.18.9.arch1-1 High Fixed
AVG-747 4.17.10-1 4.17.11-1 High Fixed
AVG-567 4.14.11-1 4.16-1 High Fixed
AVG-562 4.14.5-1 4.14.6-1 Medium Fixed
AVG-552 4.14.7-1 4.14.11-1 High Fixed FS#56832
AVG-508 4.13.7-1 4.13.8-1 High Fixed
AVG-484 4.13.11-1 4.14-1 High Fixed
AVG-483 4.13.11-1 4.14-1 High Fixed
AVG-444 4.13.6-1 4.13.7-1 High Fixed
AVG-434 4.12.10-1 4.13-1 High Fixed
AVG-428 4.13.4-1 4.13.5-1 Medium Fixed
AVG-417 4.13.3-1 4.13.5-1 High Fixed
AVG-392 4.12.12-1 4.12.13-1 High Fixed FS#55601
AVG-331 4.11.7-1 4.13-1 Medium Fixed
AVG-323 4.11.6-3 4.12.1-1 Medium Fixed
AVG-313 4.11.6-1 4.11.6-3 High Fixed
AVG-240 4.4.5-1 4.5-1 Critical Fixed
AVG-232 4.10.6-1 4.10.8-1 High Fixed
AVG-228 4.10.6-1 Medium Not affected
AVG-192 4.10.1-1 4.10.2-1 High Fixed FS#53242
AVG-187 4.9.6-1 4.9.7-1 High Fixed
AVG-178 4.9.8-1 4.9.11-1 High Fixed
AVG-149 4.9.4-1 4.9.5-1 Medium Fixed
AVG-101 4.8.12-2 4.8.12-3 High Fixed
AVG-95 4.8.12-1 4.8.12-2 High Fixed
AVG-48 4.8.2-1 4.8.3-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2018-5390 AVG-747 High Yes Denial of service
A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time...
CVE-2018-18445 AVG-784 Low No Insufficient validation
In the Linux kernel 4.14.x before 4.14.75 and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out- of-bounds memory...
CVE-2018-17182 AVG-771 High No Privilege escalation
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An...
CVE-2017-9986 AVG-331 Medium No Denial of service
The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel before 4.13, 4.9.50, 4.4.99 and 4.1.45 allows local users to cause a denial of service...
CVE-2017-9985 AVG-331 Medium No Denial of service
The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel before 4.13, 4.9.50, 4.4.99 and 4.1.45 allows local users to cause a...
CVE-2017-9984 AVG-331 Medium No Denial of service
The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel before 4.13, 4.9.50, 4.4.99 and 4.1.45 allows local users to cause a...
CVE-2017-8824 AVG-552 High No Privilege escalation
A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. The dccp_disconnect function in net/dccp/proto.c...
CVE-2017-7374 AVG-232 High No Privilege escalation
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or...
CVE-2017-7184 AVG-228 Medium No Privilege escalation
A local privilege escalation vulnerability has been found in the Linux kernel.
Chaitin Security Research Lab discovered that xfrm_replay_verify_len(), as...
CVE-2017-6074 AVG-178 High No Privilege escalation
A use-after-free vulnerability has been discovered in the DCCP implementation in the Linux kernel. The dccp_rcv_state_process function in net/dccp/input.c...
CVE-2017-6001 AVG-187 High No Privilege escalation
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes...
CVE-2017-5986 AVG-178 Medium No Denial of service
It was reported that with Linux kernel, earlier than version v4.10-rc8, an application may trigger a BUG_ON in sctp_wait_for_sndbuf if the socket tx buffer...
CVE-2017-5754 AVG-552 High No Access restriction bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used...
CVE-2017-5123 AVG-444 High No Privilege escalation
It was discovered that when the waitid() syscall in Linux kernel v4.13 was refactored, it accidentally stopped checking that the incoming argument was...
CVE-2017-2636 AVG-192 High No Privilege escalation
A race condition flaw was found in the N_HLDC Linux kernel driver when accessing the n_hdlc.tbuf list that can lead to double free. A local, unprivileged...
CVE-2017-2583 AVG-149 Medium No Privilege escalation
The Linux kernel > 3.6-rc1, when built with Kernel-based Virtual Machine (CONFIG_KVM) support, is vulnerable to an incorrect segment selector (SS) value...
CVE-2017-17864 AVG-552 Medium No Information disclosure
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 and 4.9.73 mishandles states_equal comparisons between the pointer data...
CVE-2017-17863 AVG-552 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 and 4.9.72 does not check the relationship between pointer values and...
CVE-2017-17862 AVG-552 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 and 4.9.72 ignore unreachable code, even though it would still be...
CVE-2017-17857 AVG-552 Medium No Denial of service
The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory...
CVE-2017-17856 AVG-552 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or...
CVE-2017-17855 AVG-552 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or...
CVE-2017-17854 AVG-552 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (integer overflow and...
CVE-2017-17853 AVG-552 Medium No Denial of service
It has been discovered kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or...
CVE-2017-17852 AVG-552 Medium No Denial of service
It has been discovered that kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or...
CVE-2017-17807 AVG-562 Low No Access restriction bypass
The KEYS subsystem in the Linux kernel before 4.14.6, 4.9.69, 4.4.107, 3.18.88, 3.16.52 and 3.2.97 omitted an access-control check when adding a key to the...
CVE-2017-17806 AVG-552 Medium No Denial of service
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not validate that the...
CVE-2017-17805 AVG-552 Medium No Denial of service
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not correctly handle zero-length...
CVE-2017-17741 AVG-567 Medium No Information disclosure
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio...
CVE-2017-17712 AVG-552 High No Privilege escalation
A flaw was found in the Linux kernel's implementation of raw_sendmsg before 4.14.11, 4.4.109 and 4.9.74 allowing a local attacker to panic the kernel or...
CVE-2017-17558 AVG-552 High No Denial of service
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel before 4.14.8, 4.9.71, 4.4.107, 3.18.89,...
CVE-2017-17450 AVG-567 High No Access restriction bypass
It has been discovered that net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and...
CVE-2017-17449 AVG-552 Medium No Information disclosure
The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel before 4.14.11, 4.9.74, 4.4.109, 3.18.91 and 3.16.52 when...
CVE-2017-17448 AVG-567 High No Access restriction bypass
It has been discovered that net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new,...
CVE-2017-16996 AVG-552 High No Privilege escalation
An arbitrary memory r/w access issue was found in the Linux kernel before 4.14.9 compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL) support. The...
CVE-2017-16995 AVG-552 High No Privilege escalation
An arbitrary memory r/w access issue was found in the Linux kernel before 4.14.9, 4.9.72 compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL)...
CVE-2017-16650 AVG-484 Medium No Denial of service
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero...
CVE-2017-16649 AVG-484 Medium No Denial of service
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service...
CVE-2017-16648 AVG-484 High No Privilege escalation
The dvb_frontend_free function in drivers/media/dvb- core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service...
CVE-2017-16647 AVG-484 Medium No Denial of service
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system...
CVE-2017-16646 AVG-484 Medium No Denial of service
drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash) or...
CVE-2017-16645 AVG-484 Medium No Denial of service
The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims- pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service...
CVE-2017-16644 AVG-567 Medium No Denial of service
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service...
CVE-2017-16643 AVG-484 Medium No Denial of service
The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service...
CVE-2017-16538 AVG-483 Medium No Denial of service
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and...
CVE-2017-16537 AVG-483 Medium No Denial of service
The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer...
CVE-2017-16536 AVG-483 Medium No Denial of service
The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx- cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of...
CVE-2017-16535 AVG-483 Medium No Denial of service
The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service...
CVE-2017-16534 AVG-483 Medium No Denial of service
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service...
CVE-2017-16533 AVG-483 Medium No Denial of service
The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds...
CVE-2017-16532 AVG-483 Medium No Denial of service
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer...
CVE-2017-16531 AVG-483 Medium No Denial of service
drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or...
CVE-2017-16530 AVG-483 Medium No Denial of service
The uas driver in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have...
CVE-2017-16529 AVG-483 Medium No Denial of service
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds...
CVE-2017-16528 AVG-483 High No Privilege escalation
sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use- after-free and...
CVE-2017-16527 AVG-483 High No Privilege escalation
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system...
CVE-2017-16526 AVG-483 Medium No Denial of service
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly...
CVE-2017-16525 AVG-483 High No Privilege escalation
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service...
CVE-2017-15265 AVG-508 High No Privilege escalation
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have...
CVE-2017-15115 AVG-483 High No Privilege escalation
It was found that in Linux kernel before 4.14 when peeling off an association to the socket in another network namespace, all transports in this association...
CVE-2017-14954 AVG-428 Medium No Information disclosure
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users...
CVE-2017-12154 AVG-417 High No Access restriction bypass
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0...
CVE-2017-1000407 AVG-562 Medium Yes Denial of service
Linux kernel Virtualization Module (CONFIG_KVM) for the Intel processor family (CONFIG_KVM_INTEL) before 4.14.6, 4.9.69, 4.4.106, 3.18.88, 3.16.52 and...
CVE-2017-1000379 AVG-323 Medium No Access restriction bypass
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing...
CVE-2017-1000365 AVG-323 Medium No Insufficient validation
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does...
CVE-2017-1000364 AVG-313 High No Privilege escalation
A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions...
CVE-2017-1000251 AVG-392 High Yes Arbitrary code execution
A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client....
CVE-2017-1000112 AVG-434 High No Arbitrary code execution
Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to...
CVE-2017-1000111 AVG-434 High No Arbitrary code execution
heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes...
CVE-2016-9919 AVG-101 High Yes Denial of service
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers...
CVE-2016-9588 AVG-178 Medium No Denial of service
Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to an uncaught...
CVE-2016-8655 AVG-95 High No Privilege escalation
A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem...
CVE-2016-5195 AVG-48 High No Privilege escalation
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read- only memory mappings. An...
CVE-2016-10229 AVG-240 Critical Yes Arbitrary code execution
A security has been in found in udp.c in the Linux kernel before 4.5, which allows remote attackers to execute arbitrary code via UDP traffic that triggers...
CVE-2016-10088 AVG-178 High No Privilege escalation
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which...

Advisories

Date Advisory Group Severity Description
08 Aug 2018 ASA-201808-4 AVG-747 High denial of service
05 Jan 2018 ASA-201801-1 AVG-552 High multiple issues
17 Oct 2017 ASA-201710-26 AVG-444 High privilege escalation
15 Sep 2017 ASA-201709-9 AVG-392 High arbitrary code execution
23 Jun 2017 ASA-201706-31 AVG-313 High privilege escalation
14 Mar 2017 ASA-201703-8 AVG-192 High privilege escalation
22 Feb 2017 ASA-201702-17 AVG-178 High multiple issues
27 Jan 2017 ASA-201701-32 AVG-149 Medium privilege escalation
06 Dec 2016 ASA-201612-6 AVG-95 High privilege escalation
10 Dec 2016 ASA-201612-10 AVG-101 High denial of service
22 Oct 2016 ASA-201610-14 AVG-48 High privilege escalation