CVE-2018-18445

Опубликовано: 17 окт. 2018

Источник: ubuntu

Приоритет: medium

CVSS2: 7.2

CVSS3: 7.8

Описание

In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.

Релиз	Статус	Примечание
bionic	released	4.15.0-43.46
cosmic	released	4.18.0-12.13
devel	not-affected	4.19.0-12.13
esm-infra-legacy/trusty	not-affected	3.11.0-12.19
esm-infra/bionic	not-affected	4.15.0-43.46
esm-infra/xenial	not-affected	4.2.0-16.19
precise/esm	not-affected	3.0.0-12.20
trusty	not-affected	3.11.0-12.19
trusty/esm	not-affected	3.11.0-12.19
upstream	released	4.19~rc7

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1031.33
cosmic	released	4.18.0-1006.7
devel	not-affected	4.18.0-1006.7
esm-infra-legacy/trusty	not-affected	4.4.0-1002.2
esm-infra/bionic	not-affected	4.15.0-1031.33
esm-infra/xenial	not-affected	4.4.0-1001.10
precise/esm	DNE
trusty	not-affected	4.4.0-1002.2
trusty/esm	not-affected	4.4.0-1002.2
upstream	released	4.19~rc7

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.15.0-1031.33~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7
xenial	released	4.15.0-1031.33~16.04.1

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1036.38
cosmic	released	4.18.0-1006.6
devel	not-affected	4.18.0-1006.6
esm-infra-legacy/trusty	not-affected	4.15.0-1036.38~14.04.2
esm-infra/bionic	not-affected	4.15.0-1036.38
esm-infra/xenial	not-affected	4.15.0-1036.38~16.04.1
precise/esm	DNE
trusty	released	4.15.0-1036.38~14.04.2
trusty/esm	not-affected	4.15.0-1036.38~14.04.2
upstream	released	4.19~rc7

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1036.38
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1036.38
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7
xenial	released	4.15.0-1036.38~16.04.1

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7
xenial	not-affected	4.4.0-9019.20

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc7
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1026.27
cosmic	released	4.18.0-1004.5
devel	not-affected	4.18.0-1004.5
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1026.27
esm-infra/xenial	not-affected	4.15.0-1026.27~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.18.0-1004.5~18.04.1
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.18.0-1004.5~18.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc7
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc7
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.18.0-13.14~18.04.1
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.18.0-13.14~18.04.1
esm-infra/xenial	not-affected	4.15.0-43.46~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	5.0.0-8.9~18.04.1
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	5.0.0-8.9~18.04.1
esm-infra/xenial	not-affected	4.15.0-43.46~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1028.28
cosmic	released	4.18.0-1005.5
devel	not-affected	4.18.0-1005.5
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1028.28
esm-infra/xenial	not-affected	4.4.0-1004.9
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
precise/esm	not-affected	3.13.0-24.46~precise1
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.19~rc7
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.19~rc7
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.19~rc7
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-13.29~14.04.1
precise/esm	DNE
trusty	not-affected	4.4.0-13.29~14.04.1
trusty/esm	not-affected	4.4.0-13.29~14.04.1
upstream	released	4.19~rc7
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc7
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc7
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	4.19~rc7
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1030.35
cosmic	released	4.15.0-1030.35
devel	not-affected	4.15.0-1030.35
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1030.35
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7
xenial	ignored	end of standard support, was needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1007.9
cosmic	not-affected
devel	not-affected	4.15.0-1007.9
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1007.9
esm-infra/xenial	not-affected	4.15.0-1007.9~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7

Показывать по

Релиз	Статус	Примечание
bionic	released	4.15.0-1030.32
cosmic	released	4.18.0-1007.9
devel	not-affected	4.18.0-1009.11
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7
xenial	not-affected	4.2.0-1013.19

Показывать по

Релиз	Статус	Примечание
bionic	not-affected
cosmic	DNE
devel	not-affected
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.19~rc7
xenial	not-affected	4.4.0-1012.12

Показывать по

Ссылки на источники

7.2 High

CVSS2

7.8 High

CVSS3

Связанные уязвимости

CVE-2018-18445

CVSS3: 4.7

redhat

больше 6 лет назад

CVE-2018-18445

CVSS3: 7.8

nvd

больше 6 лет назад

CVE-2018-18445

CVSS3: 7.8

debian

больше 6 лет назад

In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before ...

GHSA-c3vm-qh5c-27gq

CVSS3: 7.8

github

около 3 лет назад

BDU:2019-03124

CVSS3: 7.8

fstec

больше 6 лет назад

Уязвимость механизма проверки BPF ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии

7.2 High

CVSS2

7.8 High

CVSS3

CVE-2018-18445

Описание

Пакет linux

Пакет linux-aws

Пакет linux-aws-hwe

Пакет linux-azure

Пакет linux-azure-edge

Пакет linux-euclid

Пакет linux-flo

Пакет linux-gcp

Пакет linux-gcp-edge

Пакет linux-gke

Пакет linux-goldfish

Пакет linux-grouper

Пакет linux-hwe

Пакет linux-hwe-edge

Пакет linux-kvm

Пакет linux-lts-trusty

Пакет linux-lts-utopic

Пакет linux-lts-vivid

Пакет linux-lts-wily

Пакет linux-lts-xenial

Пакет linux-maguro

Пакет linux-mako

Пакет linux-manta

Пакет linux-oem

Пакет linux-oracle

Пакет linux-raspi2

Пакет linux-snapdragon

Ссылки на источники

Связанные уязвимости