Vulnerabilities (CVE)

Filtered by vendor Linux Subscribe
Filtered by product Linux Kernel
Total 18458 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18241 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2026-06-17 4.9 MEDIUM 5.5 MEDIUM
fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.
CVE-2017-18232 1 Linux 1 Linux Kernel 2026-06-17 2.1 LOW 5.5 MEDIUM
The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.
CVE-2017-18224 1 Linux 1 Linux Kernel 2026-06-17 1.9 LOW 4.7 MEDIUM
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.
CVE-2017-18222 1 Linux 1 Linux Kernel 2026-06-17 4.6 MEDIUM 7.8 HIGH
In the Linux kernel before 4.12, Hisilicon Network Subsystem (HNS) does not consider the ETH_SS_PRIV_FLAGS case when retrieving sset_count data, which allows local users to cause a denial of service (buffer overflow and memory corruption) or possibly have unspecified other impact, as demonstrated by incompatibility between hns_get_sset_count and ethtool_get_strings.
CVE-2017-18221 1 Linux 1 Linux Kernel 2026-06-17 4.9 MEDIUM 5.5 MEDIUM
The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.
CVE-2017-18218 1 Linux 1 Linux Kernel 2026-06-17 7.2 HIGH 7.8 HIGH
In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by leveraging differences in skb handling between hns_nic_net_xmit_hw and hns_nic_net_xmit.
CVE-2017-18216 1 Linux 1 Linux Kernel 2026-06-17 2.1 LOW 5.5 MEDIUM
In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.
CVE-2017-18208 1 Linux 1 Linux Kernel 2026-06-17 4.9 MEDIUM 5.5 MEDIUM
The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.
CVE-2017-18204 1 Linux 1 Linux Kernel 2026-06-17 2.1 LOW 5.5 MEDIUM
The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.
CVE-2017-18203 1 Linux 1 Linux Kernel 2026-06-17 1.9 LOW 4.7 MEDIUM
The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.
CVE-2017-18202 1 Linux 1 Linux Kernel 2026-06-17 6.9 MEDIUM 7.0 HIGH
The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window.
CVE-2017-18200 1 Linux 1 Linux Kernel 2026-06-17 4.9 MEDIUM 5.5 MEDIUM
The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim.
CVE-2017-18193 1 Linux 1 Linux Kernel 2026-06-17 4.9 MEDIUM 5.5 MEDIUM
fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads.
CVE-2017-18174 1 Linux 1 Linux Kernel 2026-06-17 7.5 HIGH 9.8 CRITICAL
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.
CVE-2017-18079 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2026-06-17 7.2 HIGH 7.8 HIGH
drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated.
CVE-2017-18075 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2026-06-17 7.2 HIGH 7.8 HIGH
crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls.
CVE-2017-18017 9 Arista, Canonical, Debian and 6 more 29 Eos, Ubuntu Linux, Debian Linux and 26 more 2026-06-17 10.0 HIGH 9.8 CRITICAL
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
CVE-2017-17975 1 Linux 1 Linux Kernel 2026-06-17 4.9 MEDIUM 5.5 MEDIUM
Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.
CVE-2017-17864 2 Debian, Linux 2 Debian Linux, Linux Kernel 2026-06-17 2.1 LOW 3.3 LOW
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
CVE-2017-17863 2 Debian, Linux 2 Debian Linux, Linux Kernel 2026-06-17 7.2 HIGH 7.8 HIGH
kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact.