5.5

CVE-2018-1130

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.16
LinuxLinux Kernel Version4.16 Updaterc1
LinuxLinux Kernel Version4.16 Updaterc2
LinuxLinux Kernel Version4.16 Updaterc3
LinuxLinux Kernel Version4.16 Updaterc4
LinuxLinux Kernel Version4.16 Updaterc5
LinuxLinux Kernel Version4.16 Updaterc6
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version16.04 SwEditionlts
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.5% 0.385
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
secalert@redhat.com 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://access.redhat.com/errata/RHSA-2018:1854
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3083
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3096
Third Party Advisory
https://usn.ubuntu.com/3698-1/
Third Party Advisory
https://usn.ubuntu.com/3698-2/
Third Party Advisory
https://usn.ubuntu.com/3654-1/
Third Party Advisory
https://usn.ubuntu.com/3654-2/
Third Party Advisory
https://usn.ubuntu.com/3656-1/
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
Third Party Advisory
Mailing List
https://usn.ubuntu.com/3697-1/
Third Party Advisory
https://usn.ubuntu.com/3697-2/
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html
Third Party Advisory
Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1130
Patch
Issue Tracking
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f93df79aeefc3add4e4b31a752600f834236e2
Patch
https://marc.info/?l=linux-netdev&m=152036596825220&w=2
Patch
Mailing List
https://syzkaller.appspot.com/bug?id=833568de043e0909b2aeaef7be136db39d21ba94
Third Party Advisory