CVE-2018-12714

Опубликовано: 24 июн. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 10

CVSS3: 9.8

Описание

An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via crafted perf_event_open and mmap system calls.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected
devel	not-affected	4.17.0-5.6
esm-infra-legacy/trusty	not-affected
esm-infra/bionic	not-affected
esm-infra/xenial	not-affected
precise/esm	ignored	end of life, was needed
trusty	not-affected
trusty/esm	not-affected
upstream	released	4.18~rc2

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	not-affected
devel	not-affected
esm-infra-legacy/trusty	not-affected
esm-infra/bionic	not-affected
esm-infra/xenial	not-affected
precise/esm	DNE
trusty	not-affected
trusty/esm	not-affected
upstream	released	4.18~rc2

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	not-affected
devel	not-affected
esm-infra-legacy/trusty	not-affected
esm-infra/bionic	not-affected
esm-infra/xenial	not-affected
precise/esm	DNE
trusty	not-affected
trusty/esm	not-affected
upstream	released	4.18~rc2

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	ignored	end of standard support, was pending
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	pending	4.18.0-1003.3~18.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2
xenial	not-affected

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2
xenial	ignored	end of standard support, was needed

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.18~rc2
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	not-affected
devel	not-affected
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected
esm-infra/xenial	not-affected
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.18~rc2
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.18~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	not-affected
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected
esm-infra/xenial	not-affected
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	released	4.18.0-8.9~18.04.1
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	released	4.18.0-8.9~18.04.1
esm-infra/xenial	not-affected
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	not-affected
devel	not-affected
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected
esm-infra/xenial	not-affected
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
precise/esm	ignored	end of life, was needed
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.18~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.18~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.18~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-infra-legacy/trusty	not-affected
precise/esm	DNE
trusty	not-affected
trusty/esm	not-affected
upstream	released	4.18~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.18~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.18~rc2
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.18~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
artful	DNE
bionic	not-affected
devel	not-affected
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2
xenial	not-affected

Показывать по

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected
devel	not-affected
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2
xenial	not-affected

Показывать по

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected
devel	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.18~rc2
xenial	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 82%

0.01699

Низкий

10 Critical

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2018-12714

CVSS3: 7.1

redhat

больше 7 лет назад

CVE-2018-12714

CVSS3: 9.8

nvd

больше 7 лет назад

CVE-2018-12714

CVSS3: 9.8

debian

больше 7 лет назад

An issue was discovered in the Linux kernel through 4.17.2. The filter ...

GHSA-xj9w-qxv5-jhjg

CVSS3: 9.8

github

больше 3 лет назад

EPSS

Процентиль: 82%

0.01699

Низкий

10 Critical

CVSS2

9.8 Critical

CVSS3

CVE-2018-12714

Описание

Пакет linux

Пакет linux-aws

Пакет linux-azure

Пакет linux-azure-edge

Пакет linux-euclid

Пакет linux-flo

Пакет linux-gcp

Пакет linux-gke

Пакет linux-goldfish

Пакет linux-grouper

Пакет linux-hwe

Пакет linux-hwe-edge

Пакет linux-kvm

Пакет linux-lts-trusty

Пакет linux-lts-utopic

Пакет linux-lts-vivid

Пакет linux-lts-wily

Пакет linux-lts-xenial

Пакет linux-maguro

Пакет linux-mako

Пакет linux-manta

Пакет linux-oem

Пакет linux-raspi2

Пакет linux-snapdragon

Ссылки на источники

Связанные уязвимости