Local denial of service in FreeBSD



Published: 2019-11-13
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2018-12207
CWE-ID CWE-119
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Subscribe
FreeBSD
Operating systems & Components / Operating system

Vendor FreeBSD Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Buffer overflow

EUVDB-ID: #VU22712

Risk: Low

CVSSv3.1: 4.2 [CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-12207

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local user to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the mechanism responsible for error handling on some Intel platforms. A local user of a guest operating system can use a specially crafted application to trigger memory corruption and cause the host system to stop responding.

Successful exploitation of this vulnerability may result in a denial of service (DoS) attack.

Below is the list of processor families that are affected by this vulnerability:

Client:

  • Intel Core i3 Processors
  • Intel Core i5 Processors
  • Intel Core i7 Processors
  • Intel Core m Processor Family
  • 2nd generation Intel Core Processors
  • 3rd generation Intel Core Processors
  • 4th generation Intel Core Processors
  • 5th generation Intel Core Processors
  • 6th generation Intel Core Processors
  • 7th generation Intel Core Processors
  • 8th generation Intel Core Processors
  • Intel Core X-series Processor Family
  • Intel Pentium Gold Processor Series
  • Intel Celeron Processor G Series

Server:

  • 2nd Generation Intel Xeon Scalable Processors
  • Intel Xeon Scalable Processors
  • Intel Xeon Processor E7 v4 Family
  • Intel Xeon Processor E7 v3 Family
  • Intel Xeon Processor E7 v2 Family
  • Intel Xeon Processor E7 Family
  • Intel Xeon Processor E5 v4 Family
  • Intel Xeon Processor E5 v3 Family
  • Intel Xeon Processor E5 v2 Family
  • Intel Xeon Processor E5 Family
  • Intel Xeon Processor E3 v6 Family
  • Intel Xeon Processor E3 v5 Family
  • Intel Xeon Processor E3 v4 Family
  • Intel Xeon Processor E3 v3 Family
  • Intel Xeon Processor E3 v2 Family
  • Intel Xeon Processor E3 Family
  • Intel Xeon E Processor
  • Intel Xeon D Processor
  • Intel Xeon W Processor
  • Legacy Intel Xeon Processor

Mitigation

Install updates from vendor's website.

[FreeBSD 12.1]
# fetch https://security.FreeBSD.org/patches/SA-19:25/mcepsc.12.1.patch
# fetch https://security.FreeBSD.org/patches/SA-19:25/mcepsc.12.1.patch.asc
# gpg --verify mcepsc.12.1.patch.asc

[FreeBSD 12.0]
# fetch https://security.FreeBSD.org/patches/SA-19:25/mcepsc.12.0.patch
# fetch https://security.FreeBSD.org/patches/SA-19:25/mcepsc.12.0.patch.asc
# gpg --verify mcepsc.12.0.patch.asc

[FreeBSD 11.3]
# fetch https://security.FreeBSD.org/patches/SA-19:25/mcepsc.11.patch
# fetch https://security.FreeBSD.org/patches/SA-19:25/mcepsc.11.patch.asc
# gpg --verify mcepsc.11.patch.asc

Vulnerable software versions

FreeBSD: 11.0 - 12.1


CPE2.3 External links

http://www.freebsd.org/security/advisories/FreeBSD-SA-19:25.mcepsc.asc

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###