Lucene search

K

Veracode Vulnerability DatabaseVERACODE:19161

HistoryMay 16, 2019 - 2:50 a.m.

Arbitrary Code Execution

2019-05-1602:50:12

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

11

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

Linux kernel is vulnerable to buffer overflow vulnerability. This is due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver [firewire-net] in a fragment handling code in the Linux kernel. Remote attackers could execute arbitrary code via crafted fragmented packets causing a system panic.

CPENameOperatorVersion
kernel-rteq3.10.0__229.rt56.162.el6rt
kernel-rteq3.10.0__229.rt56.153.el6rt
kernel-rteq3.10.0__693.2.2.rt56.588.el6rt
kernel-rteq3.10.0__514.rt56.231.el6rt
kernel-rteq3.8.13__rt14.20.el6rt
kernel-rteq3.0.9__rt26.45.el6rt
kernel-rteq3.10.0__327.rt56.176.el6rt
kernel-rteq3.10.0__693.37.4.rt56.629.el6rt
kernel-rteq3.10.0__514.rt56.219.el6rt
kernel-rteq3.10.0__693.35.1.rt56.625.el6rt

Rows per page:

1-10 of 1621

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac

www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7

www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7

www.openwall.com/lists/oss-security/2016/11/06/1

www.openwall.com/lists/oss-security/2016/11/06/1

www.securityfocus.com/bid/94149

www.securityfocus.com/bid/94149

access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.5_Release_Notes/index.html

access.redhat.com/errata/RHSA-2018:0676

access.redhat.com/errata/RHSA-2018:1062

access.redhat.com/errata/RHSA-2018:1062

access.redhat.com/errata/RHSA-2019:1170

access.redhat.com/errata/RHSA-2019:1170

access.redhat.com/errata/RHSA-2019:1190

access.redhat.com/errata/RHSA-2019:1190

access.redhat.com/security/cve/CVE-2016-8633

access.redhat.com/security/cve/CVE-2017-13305

access.redhat.com/security/cve/CVE-2017-15274

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1292927

bugzilla.redhat.com/show_bug.cgi?id=1391490

bugzilla.redhat.com/show_bug.cgi?id=1391490

bugzilla.redhat.com/show_bug.cgi?id=1401061

bugzilla.redhat.com/show_bug.cgi?id=1430418

bugzilla.redhat.com/show_bug.cgi?id=1448770

bugzilla.redhat.com/show_bug.cgi?id=1452589

bugzilla.redhat.com/show_bug.cgi?id=1462329

bugzilla.redhat.com/show_bug.cgi?id=1500894

bugzilla.redhat.com/show_bug.cgi?id=1503749

bugzilla.redhat.com/show_bug.cgi?id=1506255

bugzilla.redhat.com/show_bug.cgi?id=1507270

bugzilla.redhat.com/show_bug.cgi?id=1509264

bugzilla.redhat.com/show_bug.cgi?id=1518274

bugzilla.redhat.com/show_bug.cgi?id=1518638

eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/

eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/

github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac

github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

Related for VERACODE:19161

prion1 ubuntucve1 redhatcve1 cve1 debiancve1 nessus34 openvas21 ubuntu8 mageia3 ibm4 cloudfoundry1 suse9 redhat4 oraclelinux5 osv1 debian1 centos1