7.8

CVE-2018-10675

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.2.95
LinuxLinux Kernel Version >= 3.3 < 3.16.50
LinuxLinux Kernel Version >= 3.17 < 3.18.67
LinuxLinux Kernel Version >= 3.19 < 4.1.45
LinuxLinux Kernel Version >= 4.2 < 4.4.84
LinuxLinux Kernel Version >= 4.5 < 4.9.45
LinuxLinux Kernel Version >= 4.10 < 4.12.9
RedhatVirtualization Host Version4.0
CanonicalUbuntu Linux Version14.04 SwEditionlts
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.346
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html
Third Party Advisory
https://usn.ubuntu.com/3754-1/
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2384
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2395
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=73223e4e2e3867ebf033a5a8eb2e5df0158ccc99
Patch
Vendor Advisory
http://www.securityfocus.com/bid/104093
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:2164
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2785
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2791
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2924
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2925
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2933
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3540
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3586
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3590
Third Party Advisory
https://github.com/torvalds/linux/commit/73223e4e2e3867ebf033a5a8eb2e5df0158ccc99
Patch
Vendor Advisory
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9
Release Notes