Linux Kernel CVE Statistics
13 Linux Kernel CVEs in October 2018
Full month · Source: NIST NVD
In October 2018, 13 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 5 were rated High severity and 6 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. October's 13 CVEs represent 3% of all 2018 Linux kernel CVEs , down from September's 67 (a 81% month-over-month decrease) .
13
Total CVEs
0
Critical
5
High
6
Medium
2
Low
0
KEV Exploited
All CVEs — October 2018
13 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2018-18559 | linux | High | 8.1 | 2018-10-22 | In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt… | |
| CVE-2018-18281 | linux | High | 7.8 | 2018-10-30 | Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall … | |
| CVE-2018-18653 | linux | High | 7.8 | 2018-10-26 | The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users … | |
| CVE-2018-18445 | linux | High | 7.8 | 2018-10-17 | In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in … | |
| CVE-2018-18021 | linux | High | 7.1 | 2018-10-07 | arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG io… | |
| CVE-2017-18281 | linux | Medium | 5.5 | 2018-10-29 | A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read … | |
| CVE-2018-18710 | linux | Medium | 5.5 | 2018-10-29 | An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdr… | |
| CVE-2018-18690 | linux | Medium | 5.5 | 2018-10-26 | In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesyste… | |
| CVE-2018-14656 | linux | Medium | 5.5 | 2018-10-08 | A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel … | |
| CVE-2018-17972 | linux | Medium | 5.5 | 2018-10-03 | An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does n… | |
| CVE-2018-17977 | linux | Medium | 4.4 | 2018-10-08 | The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP… | |
| CVE-2018-6559 | linux | Low | 3.3 | 2018-10-26 | The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which th… | |
| CVE-2018-18386 | linux | Low | 3.3 | 2018-10-17 | drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals)… |