7.1

CVE-2018-1000004

Exploit
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 2.6.0
LinuxLinux Kernel Version3.10
LinuxLinux Kernel Version4.12
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.54% 0.878
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:N/I:N/A:C
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://usn.ubuntu.com/3798-1/
https://usn.ubuntu.com/3798-2/
https://access.redhat.com/errata/RHSA-2018:0676
https://access.redhat.com/errata/RHSA-2018:1062
https://access.redhat.com/errata/RHSA-2018:0654
https://access.redhat.com/errata/RHSA-2018:2390
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
https://www.debian.org/security/2018/dsa-4187
https://usn.ubuntu.com/3631-1/
https://usn.ubuntu.com/3631-2/
http://seclists.org/oss-sec/2018/q1/51
Patch
Third Party Advisory
Exploit
Mailing List
http://www.securityfocus.com/bid/104606
https://access.redhat.com/errata/RHSA-2019:1483