CVE-2018-5814

Опубликовано: 15 мая 2018

Источник: redhat

CVSS3: 5.3

Описание

In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets.

Multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets. Successful exploitation requires USB over IP daemon (usbipd) to be running.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-362

https://bugzilla.redhat.com/show_bug.cgi?id=1588620kernel: Race condition errors in USB over IP functionality can cause denial of service

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2018-5814

CVSS3: 7

ubuntu

больше 7 лет назад

CVE-2018-5814

CVSS3: 7

nvd

больше 7 лет назад

CVE-2018-5814

CVSS3: 7

debian

больше 7 лет назад

In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4. ...

GHSA-6345-747p-2qjq

CVSS3: 7

github

больше 3 лет назад

SUSE-SU-2019:1245-1

suse-cvrf

больше 6 лет назад

Security update for the Linux Kernel

5.3 Medium

CVSS3