Lucene search

[email protected]CVE-2018-1130

HistoryMay 10, 2018 - 1:29 p.m.

CVE-2018-1130

2018-05-1013:29:00

CWE-476

[email protected]

web.nvd.nist.gov

245

cve-2018-1130

linux kernel

vulnerability

denial of service

nvd

null pointer dereference

dccp_write_xmit

crafted system calls

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

9.4%

JSON

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

References

access.redhat.com/errata/RHSA-2018:1854

access.redhat.com/errata/RHSA-2018:3083

access.redhat.com/errata/RHSA-2018:3096

bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1130

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f93df79aeefc3add4e4b31a752600f834236e2

lists.debian.org/debian-lts-announce/2018/06/msg00000.html

lists.debian.org/debian-lts-announce/2018/07/msg00015.html

lists.debian.org/debian-lts-announce/2018/07/msg00016.html

lists.debian.org/debian-lts-announce/2018/07/msg00020.html

marc.info/?l=linux-netdev&m=152036596825220&w=2

syzkaller.appspot.com/bug?id=833568de043e0909b2aeaef7be136db39d21ba94

usn.ubuntu.com/3654-1/

usn.ubuntu.com/3654-2/

usn.ubuntu.com/3656-1/

usn.ubuntu.com/3697-1/

usn.ubuntu.com/3697-2/

usn.ubuntu.com/3698-1/

usn.ubuntu.com/3698-2/

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

9.4%

JSON

Related for CVE-2018-1130

redhatcve1 f51 prion1 veracode1 debiancve1 ubuntucve1 nessus45 openvas16 debian4 osv3 virtuozzo3 ubuntu7 oraclelinux5 mageia3 suse2 photon2 cloudfoundry1 redhat3 centos2 ibm1