CVE-2018-18386

Опубликовано: 20 дек. 2017

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.

A security flaw was found in the Linux kernel in drivers/tty/n_tty.c which allows local attackers (ones who are able to access pseudo terminals) to lock them up and block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ handler.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise MRG 2	kernel-rt	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Fixed	RHSA-2019:0831	23.04.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-843

https://bugzilla.redhat.com/show_bug.cgi?id=1640598kernel: Type confusion in drivers/tty/n_tty.c allows for a denial of service

EPSS

Процентиль: 15%

0.0005

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2018-18386

CVSS3: 3.3

ubuntu

больше 6 лет назад

CVE-2018-18386

CVSS3: 3.3

nvd

больше 6 лет назад

CVE-2018-18386

CVSS3: 3.3

debian

больше 6 лет назад

drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local at ...

SUSE-SU-2018:3772-1

suse-cvrf

больше 6 лет назад

Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP1)

GHSA-j3hq-436j-w545

CVSS3: 3.3

github

около 3 лет назад

EPSS

Процентиль: 15%

0.0005

Низкий

3.3 Low

CVSS3