PT-2018-6760 · Linux+4 · Linux Kernel+4

Jason Yan

Published

2018-03-15

Updated

2019-10-23

CVE-2017-18232

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.15.9

Description: The issue is related to the Serial Attached SCSI (SAS) implementation in the Linux kernel, which mishandles a mutex within libsas. This allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.

Recommendations: For Linux kernel versions prior to 4.15.9, update to version 4.15.9 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2018-1557

ALT-PU-2019-1433

CESA-2018_3083

CVE-2017-18232

DSA-4187-1

RHSA-2018:3083

RHSA-2018:3096

RHSA-2018_3083

RHSA-2018_3096

USN-4163-1

USN-4163-2

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Ubuntu

PT-2018-6760 · Linux+4 · Linux Kernel+4

CVE-2017-18232

Related Identifiers

Affected Products

References · 30