Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-16885

Опубликовано: 03 янв. 2019
Источник: nvd
CVSS3: 4.7
CVSS3: 5.5
CVSS2: 4.9
EPSS Низкий

Описание

A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. This issue only affects kernel version 3.10.x as shipped with Red Hat Enterprise Linux 7.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.10.0 (включая) до 3.10.90 (включая)
Конфигурация 2
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 28%
0.00101
Низкий

4.7 Medium

CVSS3

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-125
CWE-125

Связанные уязвимости

ubuntu логотип

CVE-2018-16885

CVSS3: 4.7
ubuntu
больше 6 лет назад

A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. This issue only affects kernel version 3.10.x as shipped with Red Hat Enterprise Linux 7.

redhat логотип

CVE-2018-16885

CVSS3: 4.7
redhat
почти 7 лет назад

A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. This issue only affects kernel version 3.10.x as shipped with Red Hat Enterprise Linux 7.

debian логотип

CVE-2018-16885

CVSS3: 4.7
debian
больше 6 лет назад

A flaw was found in the Linux kernel that allows the userspace to call ...

github логотип

GHSA-cvhh-gmhx-mhv4

CVSS3: 5.5
github
больше 3 лет назад

A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. This issue only affects kernel version 3.10.x as shipped with Red Hat Enterprise Linux 7.

fstec логотип

BDU:2019-02779

CVSS3: 5.5
fstec
почти 7 лет назад

Уязвимость функции memcpy_fromiovecend () ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 28%
0.00101
Низкий

4.7 Medium

CVSS3

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-125
CWE-125