Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-7757

Опубликовано: 08 мар. 2018
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.

Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel allows local users to cause a denial of service (kernel memory exhaustion) via multiple read accesses to files in the /sys/class/sas_phy directory.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelWill not fix
Red Hat Enterprise Linux 6kernelFix deferred
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise MRG 2realtime-kernelFix deferred
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2018:309630.10.2018
Red Hat Enterprise Linux 7kernel-altFixedRHSA-2018:294830.10.2018
Red Hat Enterprise Linux 7kernelFixedRHSA-2018:308330.10.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1553361kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c

EPSS

Процентиль: 27%
0.0009
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-7757

CVSS3: 5.5
ubuntu
больше 7 лет назад

Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.

nvd логотип

CVE-2018-7757

CVSS3: 5.5
nvd
больше 7 лет назад

Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.

debian логотип

CVE-2018-7757

CVSS3: 5.5
debian
больше 7 лет назад

Memory leak in the sas_smp_get_phy_events function in drivers/scsi/lib ...

github логотип

GHSA-4wjx-42q4-77fh

CVSS3: 5.5
github
около 3 лет назад

Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.

oracle-oval логотип

ELSA-2018-4269

oracle-oval
больше 6 лет назад

ELSA-2018-4269: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 27%
0.0009
Низкий

5.5 Medium

CVSS3