7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
kernel is vulnerable to denial of service (DoS). The vulnerability exists through a use-after-free Read in vhost_transport_send_pkt.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
access.redhat.com/errata/RHSA-2019:2029
access.redhat.com/errata/RHSA-2019:2043
access.redhat.com/errata/RHSA-2019:4154
access.redhat.com/security/cve/CVE-2018-14625
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1335986
bugzilla.redhat.com/show_bug.cgi?id=1436351
bugzilla.redhat.com/show_bug.cgi?id=1537033
bugzilla.redhat.com/show_bug.cgi?id=1552203
bugzilla.redhat.com/show_bug.cgi?id=1577640
bugzilla.redhat.com/show_bug.cgi?id=1590228
bugzilla.redhat.com/show_bug.cgi?id=1593417
bugzilla.redhat.com/show_bug.cgi?id=1608955
bugzilla.redhat.com/show_bug.cgi?id=1609699
bugzilla.redhat.com/show_bug.cgi?id=1613056
bugzilla.redhat.com/show_bug.cgi?id=1616109
bugzilla.redhat.com/show_bug.cgi?id=1616425
bugzilla.redhat.com/show_bug.cgi?id=1619846
bugzilla.redhat.com/show_bug.cgi?id=1622167
bugzilla.redhat.com/show_bug.cgi?id=1627563
bugzilla.redhat.com/show_bug.cgi?id=1628378
bugzilla.redhat.com/show_bug.cgi?id=1659146
bugzilla.redhat.com/show_bug.cgi?id=1665990
bugzilla.redhat.com/show_bug.cgi?id=1684780
bugzilla.redhat.com/show_bug.cgi?id=1693457
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14625
lists.debian.org/debian-lts-announce/2019/05/msg00002.html
syzkaller.appspot.com/bug?extid=bd391451452fb0b93039
usn.ubuntu.com/3871-1/
usn.ubuntu.com/3871-3/
usn.ubuntu.com/3871-4/
usn.ubuntu.com/3871-5/
usn.ubuntu.com/3872-1/
usn.ubuntu.com/3878-1/
usn.ubuntu.com/3878-2/
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P