Debian update for linux



Published: 2018-05-02
Risk: Medium
Patch available: YES
Number of vulnerabilities: 27
CVE-ID: CVE-2017-5715
CVE-2017-5753
CVE-2017-17975
CVE-2017-18193
CVE-2017-18216
CVE-2017-18218
CVE-2017-18222
CVE-2017-18224
CVE-2017-18241
CVE-2017-18257
CVE-2018-1065
CVE-2018-1066
CVE-2018-1068
CVE-2018-1092
CVE-2018-1093
CVE-2018-1108
CVE-2018-5803
CVE-2018-7480
CVE-2018-7566
CVE-2018-7740
CVE-2018-7757
CVE-2018-7995
CVE-2018-8087
CVE-2018-8781
CVE-2018-8822
CVE-2018-10323
CVE-2018-1000199
CWE-ID: CWE-200
CWE-416
CWE-119
CWE-476
CWE-120
CWE-362
CWE-20
CWE-264
CWE-125
CWE-665
CWE-415
CWE-401
CWE-190
CWE-388
Exploitation vector: Network
Public exploit: Public exploit code for vulnerability #1 is available.
Vulnerability #2 is being exploited in the wild.
Public exploit code for vulnerability #14 is available.
Public exploit code for vulnerability #20 is available.
Public exploit code for vulnerability #24 is available.
Public exploit code for vulnerability #26 is available.
Vulnerable software
Debian Linux
Operating systems & Components / Operating system

Vendor: Debian

Security Bulletin

This security bulletin contains information about 27 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU9883

Risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-5715

CWE-ID: CWE-200 - Information exposure

Exploit availability: Yes

Description

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists in Intel CPU hardware due to improper implementation of the speculative execution of instructions. A local attacker can utilize branch target injection, execute arbitrary code, perform a side-channel attack and read sensitive memory information.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://newsroom.intel.com/news/intel-responds-to-security-research-findings/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Information disclosure

EUVDB-ID: #VU9884

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:H/RL:O/RC:C]

CVE-ID: CVE-2017-5753

CWE-ID: CWE-200 - Information exposure

Exploit availability: Yes

Description

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists in Intel CPU hardware due to improper implementation of the speculative execution of instructions. A local attacker can perform a bounds check bypass, execute arbitrary code, conduct a side-channel attack and read sensitive memory information.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://01.org/security/advisories/intel-oss-10002


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

3) Use-after-free error

EUVDB-ID: #VU11313

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-17975

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c due to a use-after-free error. A local attacker can trigger a failure of audio registration; a kfree of the usbtv data structure then occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://linuxtesting.org/pipermail/ldv-project/2017-November/001008.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Memory corruption

EUVDB-ID: #VU11165

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-18193

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the fs/f2fs/extent_cache.c source code due to improper handling of extent trees. A local attacker can use an application with multiple threads, trigger memory corruption and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dad48e73127ba10279ea33...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) NULL pointer dereference

EUVDB-ID: #VU11299

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-18216

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists because the affected software does not use the subsystem.su_mutex component while accessing an item->ci_parent. A local attacker can trigger a NULL pointer dereference in the fs/ocfs2/cluster/nodemanager.c source code file and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=853bc26a7ea39e354b9f88...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use after free

EUVDB-ID: #VU11305

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-18218

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the drivers/net/ethernet/hisilicon/hns/hns_enet.c source code due to a use-after-free error. A local attacker can trigger memory corruption and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=27463ad99f738ed93c7c8b...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Buffer overflow

EUVDB-ID: #VU10933

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-18222

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to a buffer overflow. A local attacker can trigger memory corruption and cause the system to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=412b65d15a7f8a93794653...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Race condition

EUVDB-ID: #VU10947

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-18224

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the fs/ocfs2/aops.c source code due to a race condition. A local attacker can trigger memory corruption and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU11264

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-18241

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the fs/f2fs/segment.c source code file due to the use of the noflush_merge option, which could trigger a NULL value for a flush_cmd_control data structure. A local attacker can trigger a NULL pointer dereference and kernel panic and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d4fdf8ba0e5808ba9ad6b4...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Improper input validation

EUVDB-ID: #VU11614

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-18257

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the get_data_block function in fs/f2fs/data.c due to improper validation of user-supplied input. A local attacker can run a specially crafted program, designed to send malicious requests to the Linux kernel, and cause the system to stop responding.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86e33075ed1909d800274...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Null pointer dereference

EUVDB-ID: #VU10851

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1065

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to a NULL pointer dereference. A local attacker with the capability to insert iptables/netfilter rules (CAP_NET_RAW or CAP_NET_ADMIN) can trigger a jump to an invalid chain, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c, and cause the system to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://lists.openwall.net/netdev/2018/01/27/46


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) NULL pointer dereference

EUVDB-ID: #VU11191

Risk: Medium

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1066

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.

The weakness exists in the fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() function due to a NULL pointer dereference. A remote attacker can cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cabfb3680f78981d26c078...


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Privilege escalation

EUVDB-ID: #VU11145

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1068

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to an error in the implementation of the 32-bit syscall interface. A local attacker can gain root privileges.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55e44cdd...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) NULL pointer dereference

EUVDB-ID: #VU11518

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-1092

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to improper processing of a customized ext4 image when using the ext4_iget function, as defined in the fs/ext4/inode.c source code file. A local attacker can mount a customized ext4 image, trigger a NULL pointer dereference and an Out-of-Process Space (OOPS) kernel memory error, and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://bugzilla.kernel.org/show_bug.cgi?id=199179


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

15) Out-of-bounds read

EUVDB-ID: #VU11524

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1093

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists due to improper validation of bitmap block numbers in the balloc.c and ialloc.c source files. A local attacker can mount a customized ext4 image, trigger an out-of-bounds read in the ext4/balloc.c:ext4_valid_block_bitmap() function and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://bugzilla.kernel.org/show_bug.cgi?id=199181


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Improper initialization

EUVDB-ID: #VU12179

Risk: Medium

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1108

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists in the crng_ready() function due to improper initialization. A remote attacker can cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43838a23a05fbd13e47d750d3dfd77001536dd33


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Memory corruption

EUVDB-ID: #VU10812

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-5803

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the _sctp_make_chunk() function due to a boundary error. A local attacker can submit a crafted SCTP packet, trigger memory corruption and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=07f2c7ab6f8d0a7e7c5764c...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Double-free error

EUVDB-ID: #VU10769

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-7480

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the blkcg_init_queue function in the block/blk-cgroup.c source code due to a double free. A local attacker can trigger memory corruption and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9b54d816e00425c3a51751...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Memory corruption

EUVDB-ID: #VU11458

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-7566

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local attacker to write arbitrary files on the target system.

The weakness exists due to an out-of-bounds write: the ALSA sequencer core initializes the event pool on demand by invoking snd_seq_pool_init() when the first write happens and the pool is empty. A local attacker can concurrently reset the pool size manually via ioctl, trigger a buffer overflow and use-after-free, and write arbitrary files.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d15d662e89fc667b90cd29...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Memory corruption

EUVDB-ID: #VU10922

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:U/RC:C]

CVE-ID: CVE-2018-7740

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the resv_map_release function due to a boundary error when handling user-supplied input. A local attacker can execute an application that submits malicious input, trigger memory corruption and cause the system to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://bugzilla.kernel.org/show_bug.cgi?id=199037


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

21) Memory leak

EUVDB-ID: #VU10927

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-7757

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the sas_smp_get_phy_events function in the drivers/scsi/libsas/sas_expander.c source code due to a memory leak. A local attacker can trigger memory corruption and cause the system to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4a491b1ab11ca0556d2fda...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Race condition

EUVDB-ID: #VU10950

Risk: Low

CVSSv3.1: 3.5 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-7995

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the arch/x86/kernel/cpu/mcheck/mce.c source code due to a race condition. A local attacker can trigger memory corruption and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b3b7c4795ccab5be71f080774c45b...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Memory corruption

EUVDB-ID: #VU11137

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8087

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the hwsim_new_radio_nl function due to a memory leak. A local attacker can trigger memory corruption and cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d7...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Integer overflow

EUVDB-ID: #VU12338

Risk: Low

CVSSv3.1: 7.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-8781

CWE-ID: CWE-190 - Integer overflow

Exploit availability: Yes

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists in the udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c due to an integer overflow. A local attacker can gain full read and write permissions on kernel physical pages and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://patchwork.freedesktop.org/patch/211845/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

25) Privilege escalation

EUVDB-ID: #VU11228

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8822

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists in the ncp_read_kernel function due to incorrect buffer length handling. A local attacker can submit specially crafted data from a malicious NCPFS server, trigger memory corruption and execute arbitrary code with root privileges.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://www.mail-archive.com/netdev@vger.kernel.org/msg223373.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) NULL pointer dereference

EUVDB-ID: #VU12185

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:U/RC:C]

CVE-ID: CVE-2018-10323

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the xfs_bmap_extents_to_btree function in the fs/xfs/libxfs/xfs_bmap.c source code file due to a NULL pointer dereference when handling Extended File System (XFS) images. A local attacker can mount a specially crafted XFS filesystem image and, when filesystem operations are executed on the mounted image, cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://bugzilla.kernel.org/show_bug.cgi?id=199423


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

27) Error handling

EUVDB-ID: #VU12337

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1000199

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local attacker to cause a DoS condition on the target system.

The weakness exists in the modify_user_hw_breakpoint() function due to an error handling flaw. A local attacker can cause the service to crash.

Mitigation

Update the affected package to version: 4.9.88-1

Vulnerable software versions

Debian Linux: All versions

External links

http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f67b15037a7a50c57f72e69a6d59941ad90a0f0f


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


