7.1

CVE-2018-10938

A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version4.0
LinuxLinux Kernel Version4.0 Updaterc1
LinuxLinux Kernel Version4.0 Updaterc2
LinuxLinux Kernel Version4.0 Updaterc3
LinuxLinux Kernel Version4.0 Updaterc4
LinuxLinux Kernel Version4.0 Updaterc5
LinuxLinux Kernel Version4.0 Updaterc6
LinuxLinux Kernel Version4.0 Updaterc7
LinuxLinux Kernel Version4.1
LinuxLinux Kernel Version4.1 Updaterc1
LinuxLinux Kernel Version4.1 Updaterc2
LinuxLinux Kernel Version4.1 Updaterc3
LinuxLinux Kernel Version4.1 Updaterc4
LinuxLinux Kernel Version4.1 Updaterc5
LinuxLinux Kernel Version4.1 Updaterc6
LinuxLinux Kernel Version4.1 Updaterc7
LinuxLinux Kernel Version4.1 Updaterc8
LinuxLinux Kernel Version4.2
LinuxLinux Kernel Version4.2 Updaterc1
LinuxLinux Kernel Version4.2 Updaterc2
LinuxLinux Kernel Version4.2 Updaterc3
LinuxLinux Kernel Version4.2 Updaterc4
LinuxLinux Kernel Version4.2 Updaterc5
LinuxLinux Kernel Version4.2 Updaterc6
LinuxLinux Kernel Version4.2 Updaterc7
LinuxLinux Kernel Version4.2 Updaterc8
LinuxLinux Kernel Version4.3
LinuxLinux Kernel Version4.3 Updaterc1
LinuxLinux Kernel Version4.3 Updaterc2
LinuxLinux Kernel Version4.3 Updaterc3
LinuxLinux Kernel Version4.3 Updaterc4
LinuxLinux Kernel Version4.3 Updaterc5
LinuxLinux Kernel Version4.3 Updaterc6
LinuxLinux Kernel Version4.3 Updaterc7
LinuxLinux Kernel Version4.4
LinuxLinux Kernel Version4.4 Updaterc1
LinuxLinux Kernel Version4.4 Updaterc2
LinuxLinux Kernel Version4.4 Updaterc3
LinuxLinux Kernel Version4.4 Updaterc4
LinuxLinux Kernel Version4.4 Updaterc5
LinuxLinux Kernel Version4.4 Updaterc6
LinuxLinux Kernel Version4.4 Updaterc7
LinuxLinux Kernel Version4.4 Updaterc8
LinuxLinux Kernel Version4.5
LinuxLinux Kernel Version4.5 Updaterc1
LinuxLinux Kernel Version4.5 Updaterc2
LinuxLinux Kernel Version4.5 Updaterc3
LinuxLinux Kernel Version4.5 Updaterc4
LinuxLinux Kernel Version4.5 Updaterc5
LinuxLinux Kernel Version4.5 Updaterc6
LinuxLinux Kernel Version4.5 Updaterc7
LinuxLinux Kernel Version4.6
LinuxLinux Kernel Version4.6 Updaterc1
LinuxLinux Kernel Version4.6 Updaterc2
LinuxLinux Kernel Version4.6 Updaterc3
LinuxLinux Kernel Version4.6 Updaterc4
LinuxLinux Kernel Version4.6 Updaterc5
LinuxLinux Kernel Version4.6 Updaterc6
LinuxLinux Kernel Version4.6 Updaterc7
LinuxLinux Kernel Version4.7
LinuxLinux Kernel Version4.7 Updaterc1
LinuxLinux Kernel Version4.7 Updaterc2
LinuxLinux Kernel Version4.7 Updaterc3
LinuxLinux Kernel Version4.7 Updaterc4
LinuxLinux Kernel Version4.7 Updaterc5
LinuxLinux Kernel Version4.7 Updaterc6
LinuxLinux Kernel Version4.7 Updaterc7
LinuxLinux Kernel Version4.8
LinuxLinux Kernel Version4.8 Updaterc1
LinuxLinux Kernel Version4.8 Updaterc2
LinuxLinux Kernel Version4.8 Updaterc3
LinuxLinux Kernel Version4.8 Updaterc4
LinuxLinux Kernel Version4.8 Updaterc5
LinuxLinux Kernel Version4.8 Updaterc6
LinuxLinux Kernel Version4.8 Updaterc7
LinuxLinux Kernel Version4.8 Updaterc8
LinuxLinux Kernel Version4.9
LinuxLinux Kernel Version4.9 Updaterc1
LinuxLinux Kernel Version4.9 Updaterc2
LinuxLinux Kernel Version4.9 Updaterc3
LinuxLinux Kernel Version4.9 Updaterc4
LinuxLinux Kernel Version4.9 Updaterc5
LinuxLinux Kernel Version4.9 Updaterc6
LinuxLinux Kernel Version4.9 Updaterc7
LinuxLinux Kernel Version4.9 Updaterc8
LinuxLinux Kernel Version4.10
LinuxLinux Kernel Version4.10 Updaterc1
LinuxLinux Kernel Version4.10 Updaterc2
LinuxLinux Kernel Version4.10 Updaterc3
LinuxLinux Kernel Version4.10 Updaterc4
LinuxLinux Kernel Version4.10 Updaterc5
LinuxLinux Kernel Version4.10 Updaterc6
LinuxLinux Kernel Version4.10 Updaterc7
LinuxLinux Kernel Version4.10 Updaterc8
LinuxLinux Kernel Version4.11
LinuxLinux Kernel Version4.11 Updaterc1
LinuxLinux Kernel Version4.11 Updaterc2
LinuxLinux Kernel Version4.11 Updaterc3
LinuxLinux Kernel Version4.11 Updaterc4
LinuxLinux Kernel Version4.11 Updaterc5
LinuxLinux Kernel Version4.11 Updaterc6
LinuxLinux Kernel Version4.11 Updaterc7
LinuxLinux Kernel Version4.11 Updaterc8
LinuxLinux Kernel Version4.12
LinuxLinux Kernel Version4.12 Updaterc1
LinuxLinux Kernel Version4.12 Updaterc2
LinuxLinux Kernel Version4.12 Updaterc3
LinuxLinux Kernel Version4.12 Updaterc4
LinuxLinux Kernel Version4.12 Updaterc5
LinuxLinux Kernel Version4.12 Updaterc6
LinuxLinux Kernel Version4.12 Updaterc7
LinuxLinux Kernel Version4.13 Updaterc1
LinuxLinux Kernel Version4.13 Updaterc2
LinuxLinux Kernel Version4.13 Updaterc3
LinuxLinux Kernel Version4.13 Updaterc4
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version16.04 SwEditionlts
DebianDebian Linux Version9.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.37% 0.885
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:N/I:N/A:C
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://usn.ubuntu.com/3797-1/
Third Party Advisory
https://usn.ubuntu.com/3797-2/
Third Party Advisory
http://seclists.org/oss-sec/2018/q3/179
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/105154
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041569
Third Party Advisory
VDB Entry