CVE-2018-8822

Опубликовано: 20 мар. 2018

Источник: redhat

CVSS3: 6.4

EPSS Низкий

Описание

Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code.

Incorrect buffer length handling was found in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel, which could be exploited by malicious NCPFS servers to crash the kernel or possibly execute an arbitrary code.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-119

https://bugzilla.redhat.com/show_bug.cgi?id=1558697kernel: Memory corruption in ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c

EPSS

Процентиль: 17%

0.00053

Низкий

6.4 Medium

CVSS3

Связанные уязвимости

CVE-2018-8822

CVSS3: 7.8

ubuntu

почти 8 лет назад

CVE-2018-8822

CVSS3: 7.8

nvd

почти 8 лет назад

CVE-2018-8822

CVSS3: 7.8

debian

почти 8 лет назад

Incorrect buffer length handling in the ncp_read_kernel function in fs ...

GHSA-h62p-crx4-36fq

CVSS3: 7.8

github

больше 3 лет назад

SUSE-SU-2018:1048-1

suse-cvrf

почти 8 лет назад

Security update for the Linux Kernel

EPSS

Процентиль: 17%

0.00053

Низкий

6.4 Medium

CVSS3