PT-2018-10176 · Linux+4 · Linux Kernel+4

Adam Mariš

Published

2017-10-05

Updated

2019-05-17

CVE-2018-1091

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.13.5

Description The issue is related to a missing processor feature check and an erroneous use of transactional memory instructions in the core dump path. This can lead to a denial of service when a guest kernel crash is triggered from unprivileged userspace during a core dump on a POWER host.

Recommendations For Linux kernel versions prior to 4.13.5, update to version 4.13.5 or later to resolve the issue.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-391

Related Identifiers

ALT-PU-2017-2378

ALT-PU-2018-1991

CESA-2018_1318

CVE-2018-1091

OPENSUSE-SU-2018_0972-1

RHSA-2018:1318

RHSA-2018_1318

SUSE-SU-2018:1048-1

SUSE-SU-2018:1217-1

SUSE-SU-2019:1287-1

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2018-10176 · Linux+4 · Linux Kernel+4

CVE-2018-1091

Weakness Enumeration

Related Identifiers

Affected Products

References · 175