Multiple vulnerabilities in Linux Kernel

Published: 2018-01-12 14:02:04 | Updated: 2018-06-12 11:20:17
Severity High
Patch available YES
Number of vulnerabilities 3
CVE ID CVE-2018-5333
CVE-2018-5332
CVE-2018-5703
CVSSv3 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
8.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CWE ID CWE-476
CWE-787
Exploitation vector Network
Public exploit Not available
Vulnerable software Linux kernel
Vulnerable software versions Linux kernel 4.14.1
Linux kernel 4.14.2
Linux kernel 4.14.3
Show more
Vendor URL Linux Foundation

Security Advisory

1) Null pointer dereference

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the rds_cmsg_atomic function due to insufficient handling of user-supplied input. A remote attacker can send a specially crafted HTTP request, trigger NULL pointer dereference and cause the system to crash.

Remediation

Install update from vendor's website.

External links

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7d11f77f84b27cef452cee...

2) Heap out-of-bounds write

Description

The vulnerability allows a local attacker to  cause DoS condition on the target system.

The weakness exists in the rds_message_alloc_sgs() function due to improper validation of DMA page allocation values. A local attacker can trigger a heap-based out-of-bounds write and cause the system to crash.

Remediation

Install update from vendor's website.

External links

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c095508770aebf1b9218e7...

3) Out-of-bounds write

Description

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The weakness exists in the tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c due to slab out-of-bounds write. A remote attacker can supply vectors involving TLS, trigger memory corruption and cause the system to crash or execute arbitrary code with elevated privileges.

Remediation

Update to version 4.14.12.

External links

https://groups.google.com/forum/#!msg/syzkaller-bugs/0PBeVnSzfqQ/5eXAlM46BQAJ

Back to List