A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 6.1.76-1linux_6.1.76-1_all.deb
Debian11alllinux< 5.10.209-2linux_5.10.209-2_all.deb
Debian10alllinux< 4.19.249-2linux_4.19.249-2_all.deb
Debian999alllinux< 6.8.11-1linux_6.8.11-1_all.deb
Debian13alllinux< 6.7.12-1linux_6.7.12-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 6.1.76-1	linux_6.1.76-1_all.deb
Debian	11	all	linux	< 5.10.209-2	linux_5.10.209-2_all.deb
Debian	10	all	linux	< 4.19.249-2	linux_4.19.249-2_all.deb
Debian	999	all	linux	< 6.8.11-1	linux_6.8.11-1_all.deb
Debian	13	all	linux	< 6.7.12-1	linux_6.7.12-1_all.deb

prion 3

ubuntucve 2

redhatcve 3

cvelist 3

f5 2

cve 3

veracode 2

nessus 79

centos 1

virtuozzo 3

openvas 44

redhat 13

oraclelinux 5

cisa 1

xen 1

exploitpack 1

photon 2

debiancve 1

huawei 2

packetstorm 1

cert 1

mscve 1

symantec 1

qualysblog 1

zdt 2

osv 4

freebsd_advisory 1

threatpost 1

metasploit 1

freebsd 1

exploitdb 2

mskb 1

debian 3

suse 1

ubuntu 2

apple 2

cloudfoundry 1

citrix 1

prion

Code injection

2018-07-10 19:29:00

Privilege escalation

2018-05-08 18:29:00

Race condition

2023-11-14 19:15:00

ubuntucve

CVE-2018-10872

2018-07-10 00:00:00

CVE-2018-8897

2018-05-08 00:00:00

redhatcve

CVE-2018-10872

2018-07-10 15:19:17

CVE-2018-8897

2020-04-07 11:35:31

CVE-2018-1087

2020-04-08 20:05:13

cvelist

CVE-2018-10872

2018-07-10 19:00:00

CVE-2018-8897

2018-05-08 18:00:00

CVE-2023-20571

2023-11-14 18:55:02

K05345625 : Linux kernel vulnerability CVE-2018-10872

2020-12-17 00:00:00

K17403481 : Linux kernel vulnerability CVE-2018-8897

2018-05-15 00:00:00

cve

CVE-2018-10872

2018-07-10 19:29:00

CVE-2018-8897

2018-05-08 18:29:00

CVE-2023-20571

2023-11-14 19:15:15

veracode

Denial Of Service (DoS)

2019-05-16 03:09:06

Local Privilege Escalation

2019-01-15 09:21:51

nessus

RHEL 6 : kernel (RHSA-2018:2164)

2018-07-11 00:00:00

CentOS 6 : kernel (CESA-2018:2164) (Spectre)

2018-07-16 00:00:00

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2018-048)

2018-07-18 00:00:00

centos

kernel, perf, python security update

2018-07-13 16:57:08

virtuozzo

Important kernel security update: CVE-2018-3639 (x86 AMD) and other issues; new kernel 2.6.32-042stab132.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

2018-07-16 00:00:00

Important kernel security update: CVE-2018-3639 (x86 AMD) and other issues; new kernel 2.6.32-042stab132.1; Virtuozzo 6.0 Update 12 Hotfix 29 (6.0.12-3710)

2018-07-16 00:00:00

Important product update: Virtuozzo 7.0 Update 7 Hotfix 3 (7.0.7-461)

2018-05-30 00:00:00

openvas

CentOS Update for kernel CESA-2018:2164 centos6

2018-07-14 00:00:00

Huawei Data Communication: Privilege Escalation Vulnerability in Some Huawei Products (huawei-sa-20181010-01-debug)

2020-05-26 00:00:00

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1119)

2020-01-23 00:00:00

redhat

(RHSA-2018:2164) Important: kernel security and bug fix update

2018-07-10 15:33:47

(RHSA-2018:1353) Moderate: kernel security update

2018-05-08 21:59:19

(RHSA-2018:1352) Moderate: kernel security update

2018-05-08 21:59:05

oraclelinux

kernel security update

2018-09-18 00:00:00

Unbreakable Enterprise kernel security update

2018-05-08 00:00:00

Unbreakable Enterprise kernel security update

2018-05-08 00:00:00

cisa

Debug Exception May Cause Unexpected Behavior

2018-05-08 00:00:00

xen

x86: mishandling of debug exceptions

2018-05-08 16:45:00

exploitpack

Microsoft Windows - POPMOV SS Privilege Escalation

2018-05-22 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0132-A

2018-05-03 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0037-A

2018-04-24 00:00:00

debiancve

CVE-2018-8897

2018-05-08 18:29:00

huawei

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products

2019-09-21 00:00:00

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products

2019-09-21 00:00:00

packetstorm

Microsoft Windows POP/MOV SS Local Privilege Elevation

2018-07-13 00:00:00

cert

Hardware debug exception documentation may result in unexpected behavior

2018-05-08 00:00:00

mscve

Windows Kernel Elevation of Privilege Vulnerability

2018-05-08 07:00:00

symantec

Microsoft Windows Kernel CVE-2018-8897 Local Privilege Escalation Vulnerability

2018-05-08 00:00:00

qualysblog

What we’ve got here is failure to communicate: OS vendors misread CPU docs, create flaw

2018-05-14 18:47:42

zdt

Microsoft Windows - POP/MOV SS Privilege Escalation Exploit

2018-05-23 00:00:00

Microsoft Windows #MicrosoftWindows POP/MOV SS Local Privilege Elevation Exploit

2018-07-13 00:00:00

osv

CVE-2018-8897

2018-05-08 18:29:00

linux - security update

2018-05-08 00:00:00

xen - security update

2018-05-25 00:00:00

freebsd_advisory

FreeBSD-SA-18:06.debugreg

2018-05-08 00:00:00

threatpost

Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked

2018-05-10 15:37:07

metasploit

Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability

2018-07-13 06:11:37

freebsd

FreeBSD -- Mishandling of x86 debug exceptions

2018-05-08 00:00:00

exploitdb

Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)

2018-07-13 00:00:00

Microsoft Windows - 'POP/MOV SS' Privilege Escalation

2018-05-22 00:00:00

mskb

Description of the security update for vulnerabilities in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: May 08, 2018

2018-05-08 07:00:00

debian

[SECURITY] [DLA 1383-1] xen security update

2018-05-25 11:26:24

[SECURITY] [DSA 4196-1] linux security update

2018-05-08 21:54:36

[SECURITY] [DSA 4196-1] linux security update

2018-05-08 21:54:56

suse

Security update for the Linux Kernel (important)

2018-05-09 00:07:18

ubuntu

Linux kernel vulnerabilities

2018-05-08 00:00:00

Linux kernel vulnerabilities

2018-05-08 00:00:00

apple

About the security content of Security Update 2018-001

2018-04-24 00:00:00

About the security content of Security Update 2018-001 - Apple Support

2018-05-08 05:03:32

cloudfoundry

USN-3641-1: Linux kernel vulnerabilities | Cloud Foundry

2018-06-05 00:00:00

citrix

Citrix XenServer Multiple Security Updates

2018-05-08 04:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.001 Low

EPSS

Percentile

24.8%

JSON

Related for DEBIANCVE:CVE-2018-10872