Linux : Security Vulnerabilities, CVEs, Published In January 2018 (Overflow)
The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.
Max CVSS
7.1
EPSS Score
1.01%
Published
2018-01-31
Updated
2018-08-24
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).
Max CVSS
5.5
EPSS Score
0.06%
Published
2018-01-14
Updated
2021-07-15
A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put().
Max CVSS
9.3
EPSS Score
2.53%
Published
2018-01-14
Updated
2024-02-05
3 vulnerabilities found