Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-14619

Опубликовано: 30 авг. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.2
CVSS3: 7.8

Описание

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user being able to crash the system or possibly escalate privileges.

РелизСтатусПримечание
bionic

not-affected

4.15.0-10.11
cosmic

not-affected

4.15.0-20.21
devel

not-affected

4.15.0-20.21
esm-infra-legacy/trusty

not-affected

esm-infra/bionic

not-affected

4.15.0-10.11
esm-infra/xenial

not-affected

precise/esm

not-affected

trusty

not-affected

trusty/esm

not-affected

upstream

released

4.15~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1001.1
cosmic

not-affected

4.15.0-1007.7
devel

not-affected

4.15.0-1007.7
esm-infra-legacy/trusty

not-affected

esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/xenial

not-affected

precise/esm

DNE

trusty

not-affected

trusty/esm

not-affected

upstream

released

4.15~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.2
cosmic

not-affected

4.15.0-1009.9
devel

not-affected

4.15.0-1009.9
esm-infra-legacy/trusty

not-affected

4.15.0-1023.24~14.04.1
esm-infra/bionic

not-affected

4.15.0-1002.2
esm-infra/xenial

not-affected

4.15.0-1013.13~16.04.2
precise/esm

DNE

trusty

not-affected

4.15.0-1023.24~14.04.1
trusty/esm

not-affected

4.15.0-1023.24~14.04.1
upstream

released

4.15~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.18.0-1003.3~18.04.1
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.18.0-1003.3~18.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4
xenial

not-affected

4.15.0-1002.2

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4
xenial

not-affected

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.15~rc4
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1001.1
cosmic

not-affected

4.15.0-1006.6
devel

not-affected

4.15.0-1006.6
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/xenial

not-affected

4.15.0-1014.14~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.15~rc4
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.15~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

esm-infra/xenial

not-affected

4.15.0-24.26~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.18.0-8.9~18.04.1
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.18.0-8.9~18.04.1
esm-infra/xenial

not-affected

4.15.0-24.26~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.2
cosmic

not-affected

4.15.0-1008.8
devel

not-affected

4.15.0-1008.8
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.2
esm-infra/xenial

not-affected

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

not-affected

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.15~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.15~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.15~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

precise/esm

DNE

trusty

not-affected

trusty/esm

not-affected

upstream

released

4.15~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.15~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.15~rc4
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.15~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.3
cosmic

not-affected

4.15.0-1004.5
devel

not-affected

4.15.0-1004.5
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.3
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4
xenial

not-affected

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1006.7
cosmic

not-affected

4.15.0-1010.11
devel

not-affected

4.15.0-1010.11
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4
xenial

not-affected

Показывать по

РелизСтатусПримечание
bionic

not-affected

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.15~rc4
xenial

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 30%
0.00113
Низкий

7.2 High

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-14619

CVSS3: 6.2
redhat
больше 7 лет назад

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user being able to crash the system or possibly escalate privileges.

nvd логотип

CVE-2018-14619

CVSS3: 7.8
nvd
больше 7 лет назад

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user being able to crash the system or possibly escalate privileges.

debian логотип

CVE-2018-14619

CVSS3: 7.8
debian
больше 7 лет назад

A flaw was found in the crypto subsystem of the Linux kernel before ve ...

github логотип

GHSA-r8cr-q337-j896

CVSS3: 7.8
github
больше 3 лет назад

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user being able to crash the system or possibly escalate privileges.

EPSS

Процентиль: 30%
0.00113
Низкий

7.2 High

CVSS2

7.8 High

CVSS3

Уязвимость CVE-2018-14619