7.8

CVE-2018-18445

In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.14.9 < 4.14.75
LinuxLinux Kernel Version >= 4.15 < 4.18.13
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version16.04 SwEditionlts
CanonicalUbuntu Linux Version18.04 SwEditionlts
CanonicalUbuntu Linux Version18.10
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.53% 0.407
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://usn.ubuntu.com/3847-1/
Third Party Advisory
https://usn.ubuntu.com/3847-2/
Third Party Advisory
https://usn.ubuntu.com/3847-3/
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0512
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0514
Third Party Advisory
https://usn.ubuntu.com/3832-1/
Third Party Advisory
https://usn.ubuntu.com/3835-1/
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b799207e1e1816b09e7a5920fbb2d5fcf6edd681
Patch
Third Party Advisory
https://bugs.chromium.org/p/project-zero/issues/detail?id=1686
Patch
Third Party Advisory
Issue Tracking
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.75
Patch
Third Party Advisory
Release Notes
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.13
Patch
Third Party Advisory
Release Notes
https://github.com/torvalds/linux/commit/b799207e1e1816b09e7a5920fbb2d5fcf6edd681
Patch
Third Party Advisory
https://support.f5.com/csp/article/K38456756
Third Party Advisory