GCVE - cpe:2.3:a:[unknown]:kernel::*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:[unknown]:kernel::*:*:*:*:*:*:*:*

part: a version: update: *

Vendor	[Unknown] (`5b07108a-8f0c-5d28-ab99-c4ff62adb460`)
Product	Kernel (`2592caf9-d501-5f2b-9adc-c2645a373a21`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-16884`	vulnerable	2026-06-03 14:38:21.208933	Details available MEDIUM (6.5) A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Published: 2018-12-18T22:00:00.000Z Updated: 2024-08-05T10:32:54.149Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/106253 https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html https://usn.ubuntu.com/3932-1/ https://usn.ubuntu.com/3932-2/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-16862`	vulnerable	2026-06-03 14:38:21.115922	Details available MEDIUM (5.3) A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one. Published: 2018-11-26T19:00:00.000Z Updated: 2024-08-05T10:32:54.234Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/106009 https://usn.ubuntu.com/3879-2/ https://seclists.org/oss-sec/2018/q4/169 https://usn.ubuntu.com/3879-1/ https://lore.kernel.org/patchwork/patch/1011367/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-14646`	vulnerable	2026-06-03 14:38:12.349180	Details available MEDIUM (5.5) The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service. Published: 2018-11-26T19:00:00.000Z Updated: 2024-08-05T09:38:13.102Z Open on db.gcve.eu Reference links https://access.redhat.com/errata/RHSA-2018:3843 https://access.redhat.com/errata/RHSA-2018:3666 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f428fe4a04cc339166c8bbd489789760de3a0cee https://access.redhat.com/errata/RHSA-2018:3651 https://marc.info/?l=linux-netdev&m=151500466401174&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-10901`	vulnerable	2026-06-03 14:38:00.403988	Details available HIGH (7.8) A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges. Published: 2018-07-26T17:00:00.000Z Updated: 2024-08-05T07:54:35.810Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/104905 https://access.redhat.com/errata/RHSA-2018:2393 https://access.redhat.com/errata/RHSA-2018:2390 https://access.redhat.com/errata/RHSA-2018:2391 https://access.redhat.com/errata/RHSA-2018:2392	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-7518`	vulnerable	2026-06-03 14:37:32.345875	Details available MEDIUM (5.5) A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this. Published: 2018-07-30T13:00:00.000Z Updated: 2024-08-05T16:04:11.892Z Open on db.gcve.eu Reference links https://access.redhat.com/errata/RHSA-2018:0412 https://access.redhat.com/articles/3290921 https://usn.ubuntu.com/3619-2/ https://access.redhat.com/errata/RHSA-2018:0395 https://usn.ubuntu.com/3754-1/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-7482`	vulnerable	2026-06-03 14:37:32.062677	Details available HIGH (7.1) In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation. Published: 2018-07-30T14:00:00.000Z Updated: 2024-08-05T16:04:11.726Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/99299 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0 http://www.securitytracker.com/id/1038787 https://www.debian.org/security/2017/dsa-3927 https://www.debian.org/security/2017/dsa-3945	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.