[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2018-14633Date: (C)2018-10-05   (M)2024-03-26


A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 7.0CVSS Score : 8.3
Exploit Score: 2.2Exploit Score: 8.6
Impact Score: 4.7Impact Score: 8.5
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: HIGHAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: LOWAvailability: COMPLETE
Integrity: LOW 
Availability: HIGH 
  
Reference:
BID-105388
DSA-4308
RHSA-2018:3651
RHSA-2018:3666
RHSA-2019:1946
USN-3775-1
USN-3775-2
USN-3776-1
USN-3776-2
USN-3777-1
USN-3777-2
USN-3777-3
USN-3779-1
https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14633
https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=1816494330a83f2a064499d8ed2797045641f92c
https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=8c39e2699f8acb2e29782a834e56306da24937fe
https://seclists.org/oss-sec/2018/q3/270

CWE    1
CWE-121
OVAL    37
oval:org.secpod.oval:def:89002640
oval:org.secpod.oval:def:205130
oval:org.secpod.oval:def:89002620
oval:org.secpod.oval:def:115166
...

© SecPod Technologies