5.5

CVE-2018-5803

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 3.2.102
LinuxLinux Kernel Version >= 3.3 < 4.1.51
LinuxLinux Kernel Version >= 4.3 < 4.9.87
LinuxLinux Kernel Version >= 4.10 < 4.14.25
LinuxLinux Kernel Version >= 4.15 < 4.15.8
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
RedhatVirtualization Host Version4.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.55% 0.416
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://access.redhat.com/errata/RHSA-2018:1854
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3083
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3096
Third Party Advisory
https://usn.ubuntu.com/3698-1/
Third Party Advisory
https://usn.ubuntu.com/3698-2/
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
Third Party Advisory
https://www.debian.org/security/2018/dsa-4187
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2948
Third Party Advisory
https://usn.ubuntu.com/3654-1/
Third Party Advisory
https://usn.ubuntu.com/3654-2/
Third Party Advisory
https://usn.ubuntu.com/3656-1/
Third Party Advisory
https://www.debian.org/security/2018/dsa-4188
Third Party Advisory
https://usn.ubuntu.com/3697-1/
Third Party Advisory
https://usn.ubuntu.com/3697-2/
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0641
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102
Vendor Advisory
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51
Vendor Advisory
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25
Vendor Advisory
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8
Vendor Advisory
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121
Vendor Advisory
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c
Vendor Advisory
https://secuniaresearch.flexerasoftware.com/advisories/81331/
Third Party Advisory
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/
Third Party Advisory
https://www.spinics.net/lists/linux-sctp/msg07036.html
Third Party Advisory
Mailing List
https://www.spinics.net/lists/netdev/msg482523.html
Third Party Advisory
Mailing List