All the vulnerabilites related to Linux Foundation - Linux Kernel
cve-2018-5814
Vulnerability from cvelistv5
Published
2018-06-12 16:00
Modified
2024-08-05 05:47
Severity ?
Summary
In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets.
References
https://usn.ubuntu.com/3752-2/vendor-advisory, x_refsource_UBUNTU
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.htmlmailing-list, x_refsource_MLIST
https://usn.ubuntu.com/3696-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3752-3/vendor-advisory, x_refsource_UBUNTU
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.htmlmailing-list, x_refsource_MLIST
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.11x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.htmlmailing-list, x_refsource_MLIST
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.43x_refsource_CONFIRM
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.133x_refsource_CONFIRM
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.102x_refsource_CONFIRM
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-8/x_refsource_MISC
https://usn.ubuntu.com/3696-2/vendor-advisory, x_refsource_UBUNTU
http://www.securitytracker.com/id/1041050vdb-entry, x_refsource_SECTRACK
https://secuniaresearch.flexerasoftware.com/advisories/81540/third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/3752-1/vendor-advisory, x_refsource_UBUNTU
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=22076557b07c12086eeb16b8ce2b0b735f7a27e7x_refsource_CONFIRM
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c171654caa875919be3c533d3518da8be5be966ex_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.htmlvendor-advisory, x_refsource_SUSE
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:47:55.989Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3752-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3752-2/"
          },
          {
            "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
          },
          {
            "name": "USN-3696-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3696-1/"
          },
          {
            "name": "USN-3752-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3752-3/"
          },
          {
            "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.11"
          },
          {
            "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.43"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.133"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.102"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-8/"
          },
          {
            "name": "USN-3696-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3696-2/"
          },
          {
            "name": "1041050",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041050"
          },
          {
            "name": "81540",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "https://secuniaresearch.flexerasoftware.com/advisories/81540/"
          },
          {
            "name": "USN-3752-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3752-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=22076557b07c12086eeb16b8ce2b0b735f7a27e7"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c171654caa875919be3c533d3518da8be5be966e"
          },
          {
            "name": "openSUSE-SU-2019:1407",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux Kernel",
          "vendor": "Linux Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "Before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133"
            }
          ]
        }
      ],
      "datePublic": "2018-05-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-20T14:06:09",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "USN-3752-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3752-2/"
        },
        {
          "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
        },
        {
          "name": "USN-3696-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3696-1/"
        },
        {
          "name": "USN-3752-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3752-3/"
        },
        {
          "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.11"
        },
        {
          "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.43"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.133"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.102"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-8/"
        },
        {
          "name": "USN-3696-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3696-2/"
        },
        {
          "name": "1041050",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041050"
        },
        {
          "name": "81540",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "https://secuniaresearch.flexerasoftware.com/advisories/81540/"
        },
        {
          "name": "USN-3752-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3752-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=22076557b07c12086eeb16b8ce2b0b735f7a27e7"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c171654caa875919be3c533d3518da8be5be966e"
        },
        {
          "name": "openSUSE-SU-2019:1407",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2018-5814",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux Kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3752-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3752-2/"
            },
            {
              "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
            },
            {
              "name": "USN-3696-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3696-1/"
            },
            {
              "name": "USN-3752-3",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3752-3/"
            },
            {
              "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.11",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.11"
            },
            {
              "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.43",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.43"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.133",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.133"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.102",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.102"
            },
            {
              "name": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-8/",
              "refsource": "MISC",
              "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-8/"
            },
            {
              "name": "USN-3696-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3696-2/"
            },
            {
              "name": "1041050",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041050"
            },
            {
              "name": "81540",
              "refsource": "SECUNIA",
              "url": "https://secuniaresearch.flexerasoftware.com/advisories/81540/"
            },
            {
              "name": "USN-3752-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3752-1/"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=22076557b07c12086eeb16b8ce2b0b735f7a27e7",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=22076557b07c12086eeb16b8ce2b0b735f7a27e7"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c171654caa875919be3c533d3518da8be5be966e",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c171654caa875919be3c533d3518da8be5be966e"
            },
            {
              "name": "openSUSE-SU-2019:1407",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2018-5814",
    "datePublished": "2018-06-12T16:00:00",
    "dateReserved": "2018-01-19T00:00:00",
    "dateUpdated": "2024-08-05T05:47:55.989Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-5803
Vulnerability from cvelistv5
Published
2018-06-12 16:00
Modified
2024-08-05 05:47
Severity ?
Summary
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
References
https://secuniaresearch.flexerasoftware.com/advisories/81331/third-party-advisory, x_refsource_SECUNIA
https://access.redhat.com/errata/RHSA-2018:3083vendor-advisory, x_refsource_REDHAT
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25x_refsource_CONFIRM
https://www.debian.org/security/2018/dsa-4187vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3654-1/vendor-advisory, x_refsource_UBUNTU
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2018:1854vendor-advisory, x_refsource_REDHAT
https://usn.ubuntu.com/3697-1/vendor-advisory, x_refsource_UBUNTU
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102x_refsource_CONFIRM
https://www.debian.org/security/2018/dsa-4188vendor-advisory, x_refsource_DEBIAN
https://www.spinics.net/lists/netdev/msg482523.htmlmailing-list, x_refsource_MLIST
https://access.redhat.com/errata/RHSA-2018:2948vendor-advisory, x_refsource_REDHAT
https://usn.ubuntu.com/3697-2/vendor-advisory, x_refsource_UBUNTU
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9cx_refsource_CONFIRM
https://www.spinics.net/lists/linux-sctp/msg07036.htmlmailing-list, x_refsource_MLIST
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87x_refsource_CONFIRM
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8x_refsource_CONFIRM
https://usn.ubuntu.com/3654-2/vendor-advisory, x_refsource_UBUNTU
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121x_refsource_CONFIRM
https://usn.ubuntu.com/3698-1/vendor-advisory, x_refsource_UBUNTU
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.htmlmailing-list, x_refsource_MLIST
https://usn.ubuntu.com/3656-1/vendor-advisory, x_refsource_UBUNTU
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/x_refsource_MISC
https://access.redhat.com/errata/RHSA-2018:3096vendor-advisory, x_refsource_REDHAT
https://usn.ubuntu.com/3698-2/vendor-advisory, x_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2019:0641vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:47:55.973Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "81331",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "https://secuniaresearch.flexerasoftware.com/advisories/81331/"
          },
          {
            "name": "RHSA-2018:3083",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3083"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25"
          },
          {
            "name": "DSA-4187",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4187"
          },
          {
            "name": "USN-3654-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3654-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51"
          },
          {
            "name": "RHSA-2018:1854",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1854"
          },
          {
            "name": "USN-3697-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3697-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102"
          },
          {
            "name": "DSA-4188",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4188"
          },
          {
            "name": "[netdev] 20180207 [Secunia Research] Linux Kernel Vulnerability - Sending information",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://www.spinics.net/lists/netdev/msg482523.html"
          },
          {
            "name": "RHSA-2018:2948",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2948"
          },
          {
            "name": "USN-3697-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3697-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c"
          },
          {
            "name": "[linux-sctp] 20180209 skb_over_panic on INIT/INIT_ACK packet sending",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://www.spinics.net/lists/linux-sctp/msg07036.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8"
          },
          {
            "name": "USN-3654-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3654-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121"
          },
          {
            "name": "USN-3698-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3698-1/"
          },
          {
            "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
          },
          {
            "name": "USN-3656-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3656-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/"
          },
          {
            "name": "RHSA-2018:3096",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3096"
          },
          {
            "name": "USN-3698-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3698-2/"
          },
          {
            "name": "RHSA-2019:0641",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0641"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux Kernel",
          "vendor": "Linux Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "Before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102."
            }
          ]
        }
      ],
      "datePublic": "2018-02-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-26T10:06:07",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "81331",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "https://secuniaresearch.flexerasoftware.com/advisories/81331/"
        },
        {
          "name": "RHSA-2018:3083",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3083"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25"
        },
        {
          "name": "DSA-4187",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4187"
        },
        {
          "name": "USN-3654-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3654-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51"
        },
        {
          "name": "RHSA-2018:1854",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1854"
        },
        {
          "name": "USN-3697-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3697-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102"
        },
        {
          "name": "DSA-4188",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4188"
        },
        {
          "name": "[netdev] 20180207 [Secunia Research] Linux Kernel Vulnerability - Sending information",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://www.spinics.net/lists/netdev/msg482523.html"
        },
        {
          "name": "RHSA-2018:2948",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2948"
        },
        {
          "name": "USN-3697-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3697-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c"
        },
        {
          "name": "[linux-sctp] 20180209 skb_over_panic on INIT/INIT_ACK packet sending",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://www.spinics.net/lists/linux-sctp/msg07036.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8"
        },
        {
          "name": "USN-3654-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3654-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121"
        },
        {
          "name": "USN-3698-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3698-1/"
        },
        {
          "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
        },
        {
          "name": "USN-3656-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3656-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/"
        },
        {
          "name": "RHSA-2018:3096",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3096"
        },
        {
          "name": "USN-3698-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3698-2/"
        },
        {
          "name": "RHSA-2019:0641",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0641"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2018-5803",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux Kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "81331",
              "refsource": "SECUNIA",
              "url": "https://secuniaresearch.flexerasoftware.com/advisories/81331/"
            },
            {
              "name": "RHSA-2018:3083",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3083"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25"
            },
            {
              "name": "DSA-4187",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4187"
            },
            {
              "name": "USN-3654-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3654-1/"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51"
            },
            {
              "name": "RHSA-2018:1854",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1854"
            },
            {
              "name": "USN-3697-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3697-1/"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102"
            },
            {
              "name": "DSA-4188",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4188"
            },
            {
              "name": "[netdev] 20180207 [Secunia Research] Linux Kernel Vulnerability - Sending information",
              "refsource": "MLIST",
              "url": "https://www.spinics.net/lists/netdev/msg482523.html"
            },
            {
              "name": "RHSA-2018:2948",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2948"
            },
            {
              "name": "USN-3697-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3697-2/"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c"
            },
            {
              "name": "[linux-sctp] 20180209 skb_over_panic on INIT/INIT_ACK packet sending",
              "refsource": "MLIST",
              "url": "https://www.spinics.net/lists/linux-sctp/msg07036.html"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.8"
            },
            {
              "name": "USN-3654-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3654-2/"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.121"
            },
            {
              "name": "USN-3698-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3698-1/"
            },
            {
              "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
            },
            {
              "name": "USN-3656-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3656-1/"
            },
            {
              "name": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/",
              "refsource": "MISC",
              "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-2/"
            },
            {
              "name": "RHSA-2018:3096",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3096"
            },
            {
              "name": "USN-3698-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3698-2/"
            },
            {
              "name": "RHSA-2019:0641",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0641"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2018-5803",
    "datePublished": "2018-06-12T16:00:00",
    "dateReserved": "2018-01-19T00:00:00",
    "dateUpdated": "2024-08-05T05:47:55.973Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-0810
Vulnerability from cvelistv5
Published
2020-02-12 13:14
Modified
2024-08-06 18:38
Severity ?
Summary
The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:38:14.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=794557"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-stable-rt.git/commit/?id=e5d4e1c3ccee18c68f23d62ba77bda26e893d4f0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-stable-rt.git/commit/?id=bcf6b1d78c0bde228929c388978ed3af9a623463"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux kernel",
          "vendor": "Linux Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "before 3.3"
            }
          ]
        }
      ],
      "datePublic": "2012-02-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-12T13:14:31",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=794557"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-stable-rt.git/commit/?id=e5d4e1c3ccee18c68f23d62ba77bda26e893d4f0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-stable-rt.git/commit/?id=bcf6b1d78c0bde228929c388978ed3af9a623463"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-0810",
    "datePublished": "2020-02-12T13:14:32",
    "dateReserved": "2012-01-19T00:00:00",
    "dateUpdated": "2024-08-06T18:38:14.519Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}