PT-2018-3419 · Linux+2 · Linux Kernel+2
Yves Younan · Published 2018-08-27 · Updated 2019-10-03
CVE-2018-10938
CVSS v2.0: 7.1 (High)
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions 4.0-rc1 through 4.13-rc4
Description:
A flaw in the Linux kernel may cause it to enter an infinite loop in the cipso_v4_optptr() function when a crafted network packet is sent remotely, leading to a denial-of-service. This issue can be exploited if a certain non-default configuration of LSM (Linux Security Module) and NetLabel is set up on the system.
Recommendations:
For Linux kernel versions 4.0-rc1 through 4.13-rc4, as a temporary workaround, consider disabling the cipso_v4_optptr() function until a patch is available. Restrict access to the net/ipv4/cipso_ipv4.c module to minimize the risk of exploitation. Avoid using non-default configurations of LSM and NetLabel that could enable this flaw. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Infinite Loop
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel
Suse
Ubuntu