Linux : Security Vulnerabilities, CVEs, Published In 2018 (Information Leak) CVSS score >= 6
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.
Max CVSS
6.1
EPSS Score
0.04%
Published
2018-09-07
Updated
2019-08-06
In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAP_SPARC and FBIOGETCMAP_SPARC commands.
Max CVSS
7.5
EPSS Score
0.15%
Published
2018-01-31
Updated
2019-03-20
2 vulnerabilities found