Linux » Linux Kernel » N/A : Security Vulnerabilities, CVEs, Published In 2018 (Gain Privilege)

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

CVE-2018-10902

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2018-08-21
Updated
2023-02-12

CVE-2017-7482

In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.
Max CVSS
7.8
EPSS Score
0.06%
Published
2018-07-30
Updated
2023-02-14
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close