CVE-2018-1066

Опубликовано: 02 мар. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 7.1

EPSS Низкий

Описание

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.

Ссылки

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cabfb3680f78981d26c078a26e5c748531257ebb
Patch
Vendor Advisory
http://www.securityfocus.com/bid/103378
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1539599
Issue Tracking
Third Party Advisory
https://github.com/torvalds/linux/commit/cabfb3680f78981d26c078a26e5c748531257ebb
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html
Mailing List
Third Party Advisory
https://patchwork.kernel.org/patch/10187633/
Patch
Third Party Advisory
https://usn.ubuntu.com/3880-1/
Third Party Advisory
https://usn.ubuntu.com/3880-2/
Third Party Advisory
https://www.debian.org/security/2018/dsa-4187
Third Party Advisory
https://www.debian.org/security/2018/dsa-4188
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cabfb3680f78981d26c078a26e5c748531257ebb
Patch
Vendor Advisory
http://www.securityfocus.com/bid/103378
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1539599
Issue Tracking
Third Party Advisory
https://github.com/torvalds/linux/commit/cabfb3680f78981d26c078a26e5c748531257ebb
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html
Mailing List
Third Party Advisory
https://patchwork.kernel.org/patch/10187633/
Patch
Third Party Advisory
https://usn.ubuntu.com/3880-1/
Third Party Advisory
https://usn.ubuntu.com/3880-2/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 4.10.15 (включая)

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 85%

0.02556

Низкий

6.5 Medium

CVSS3

7.1 High

CVSS2

Дефекты

CWE-476

Связанные уязвимости

CVE-2018-1066

CVSS3: 6.5

ubuntu

больше 7 лет назад

CVE-2018-1066

CVSS3: 6.5

redhat

больше 10 лет назад

CVE-2018-1066

CVSS3: 6.5

debian

больше 7 лет назад

The Linux kernel before version 4.11 is vulnerable to a NULL pointer d ...

GHSA-32qx-3229-j5m2

CVSS3: 6.5

github

около 3 лет назад

BDU:2018-00526

CVSS3: 6.5

fstec

больше 8 лет назад

Уязвимость функции setup_ntlmv2_rsp() (fs/cifs/cifsencrypt.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 85%

0.02556

Низкий

6.5 Medium

CVSS3

7.1 High

CVSS2

Дефекты

CWE-476