Vulnerability CVE-2018-8043


Published: 2018-03-10

Description:
The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).

Type:

CWE-476

(NULL Pointer Dereference)

Vendor: Linux
Product: Linux kernel 
Version: 4.15.8;
Vendor: Canonical
Product: Ubuntu linux 
Version: 16.04;

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5
http://www.securitytracker.com/id/1040749
https://github.com/torvalds/linux/commit/297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5
https://usn.ubuntu.com/3619-1/
https://usn.ubuntu.com/3619-2/
https://usn.ubuntu.com/3630-1/
https://usn.ubuntu.com/3630-2/
https://usn.ubuntu.com/3632-1/

Related CVE
CVE-2018-15120
libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.
CVE-2018-1000222
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerabil...
CVE-2018-14567
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-201...
CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also ...
CVE-2018-6553
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-...
CVE-2018-10915
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untru...
CVE-2018-7073
A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24.
CVE-2018-5390
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

Copyright 2018, cxsecurity.com

 

Back to Top