Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-16948

Опубликовано: 12 сент. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSCB service, clients are also susceptible to information leakage. For example, RXAFSCB_TellMeAboutYourself leaks kernel memory and KAM_ListEntry leaks kaserver memory.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

not-affected

1.8.4~pre1-1ubuntu2
disco

not-affected

1.8.2-1ubuntu0.1
eoan

not-affected

1.8.4~pre1-1ubuntu2
esm-apps/bionic

needed

esm-apps/focal

not-affected

1.8.4~pre1-1ubuntu2
esm-apps/jammy

not-affected

1.8.4~pre1-1ubuntu2
esm-apps/noble

not-affected

1.8.4~pre1-1ubuntu2
esm-apps/xenial

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 59%
0.00376
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-16948

CVSS3: 7.5
nvd
больше 7 лет назад

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSCB service, clients are also susceptible to information leakage. For example, RXAFSCB_TellMeAboutYourself leaks kernel memory and KAM_ListEntry leaks kaserver memory.

debian логотип

CVE-2018-16948

CVSS3: 7.5
debian
больше 7 лет назад

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8. ...

github логотип

GHSA-q586-r5vx-jgjf

CVSS3: 7.5
github
больше 3 лет назад

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSCB service, clients are also susceptible to information leakage. For example, RXAFSCB_TellMeAboutYourself leaks kernel memory and KAM_ListEntry leaks kaserver memory.

EPSS

Процентиль: 59%
0.00376
Низкий

5 Medium

CVSS2

7.5 High

CVSS3