[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2018-1000199Date: (C)2018-05-25   (M)2024-03-26


The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 5.5CVSS Score : 4.9
Exploit Score: 1.8Exploit Score: 3.9
Impact Score: 3.6Impact Score: 6.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: NONEAvailability: COMPLETE
Integrity: NONE 
Availability: HIGH 
  
Reference:
SECTRACK-1040806
DSA-4187
DSA-4188
RHSA-2018:1318
RHSA-2018:1345
RHSA-2018:1347
RHSA-2018:1348
RHSA-2018:1354
RHSA-2018:1355
RHSA-2018:1374
USN-3641-1
USN-3641-2
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
https://lkml.org/lkml/2018/4/6/813
openSUSE-SU-2020:0801

CPE    10
cpe:/o:debian:debian_linux:9.0
cpe:/o:debian:debian_linux:7.0
cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
cpe:/o:redhat:enterprise_linux_workstation:7.0
...
CWE    1
CWE-119
OVAL    41
oval:org.secpod.oval:def:89002650
oval:org.secpod.oval:def:705016
oval:org.secpod.oval:def:89002613
oval:org.secpod.oval:def:89002653
...

© SecPod Technologies