PT-2018-9618 · Linux+2 · Linux Kernel+2

Marcus Meissner

Publicado

2018-04-06

Atualizado

2024-08-05

CVE-2018-10021

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.16

Description: The issue allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions, specifically when physically proximate attackers unplug SAS Host Bus Adapter cables. A third party disputes the relevance of this report.

Recommendations: Update to Linux kernel version 4.16 or later to resolve the issue. As a temporary workaround, consider restricting physical access to SAS Host Bus Adapter cables to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2018-1557

ALT-PU-2019-1433

CVE-2018-10021

DLA-1423-1

DLA-1529-1

USN-3678-1

USN-3678-2

USN-3678-3

USN-3678-4

USN-3696-1

USN-3696-2

USN-3754-1

Produtos afetados

Alt Linux

Linux Kernel

Ubuntu

PT-2018-9618 · Linux+2 · Linux Kernel+2

CVE-2018-10021

Identificadores relacionados

Produtos afetados

Referências · 93