Vulnerabilities > CVE-2018-1108 - Use of Insufficiently Random Values vulnerability in multiple products

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
high complexity
linux
canonical
debian
CWE-330
nessus

Summary

kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.

Vulnerable Configurations

Part Description Count
OS
Linux
2052
OS
Canonical
2
OS
Debian
1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Brute Force
    In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset. Examples of secrets can include, but are not limited to, passwords, encryption keys, database lookup keys, and initial values to one-way functions. The key factor in this attack is the attackers' ability to explore the possible secret space rapidly. This, in turn, is a function of the size of the secret space and the computational power the attacker is able to bring to bear on the problem. If the attacker has modest resources and the secret space is large, the challenge facing the attacker is intractable. While the defender cannot control the resources available to an attacker, they can control the size of the secret space. Creating a large secret space involves selecting one's secret from as large a field of equally likely alternative secrets as possible and ensuring that an attacker is unable to reduce the size of this field using available clues or cryptanalysis. Doing this is more difficult than it sounds since elimination of patterns (which, in turn, would provide an attacker clues that would help them reduce the space of potential secrets) is difficult to do using deterministic machines, such as computers. Assuming a finite secret space, a brute force attack will eventually succeed. The defender must rely on making sure that the time and resources necessary to do so will exceed the value of the information. For example, a secret space that will likely take hundreds of years to explore is likely safe from raw-brute force attacks.
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.

Nessus

  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1218.NASL
    descriptionAccording to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A weakness was found in the Linux kernel
    last seen2020-03-19
    modified2019-04-09
    plugin id123904
    published2019-04-09
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123904
    titleEulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1218)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-884A105C04.NASL
    descriptionUpdate to v4.16.7 which contains fixes across the tree. This also temporarily reverts the fix for CVE-2018-1108 as it resulted in boots hanging in some scenarios. ---- Update to v4.16.6 which contains fixes across the tree ---- Update to v4.16.5 which contains fixes across the tree ---- Rebase to v4.16.4 ---- The 4.15.18 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-05-14
    plugin id109742
    published2018-05-14
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109742
    titleFedora 26 : kernel (2018-884a105c04)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2018-1023.NASL
    descriptionA weakness was found in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id110197
    published2018-05-30
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110197
    titleAmazon Linux AMI : kernel (ALAS-2018-1023)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3718-2.NASL
    descriptionUSN-3695-2 fixed vulnerabilities in the Linux Hardware Enablement Kernel (HWE) kernel for Ubuntu 16.04 LTS. Unfortunately, the fix for CVE-2018-1108 introduced a regression where insufficient early entropy prevented services from starting, leading in some situations to a failure to boot, This update addresses the issue. We apologize for the inconvenience. Original advisory details : Jann Horn discovered that the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id111267
    published2018-07-24
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111267
    titleUbuntu 16.04 LTS : linux-hwe, linux-azure, linux-gcp regression (USN-3718-2)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4196.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. - CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM guest user to crash the guest or potentially escalate their privileges. - CVE-2018-8897 Nick Peterson of Everdox Tech LLC discovered that #DB exceptions that are deferred by MOV SS or POP SS are not properly handled, allowing an unprivileged user to crash the kernel and cause a denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id109658
    published2018-05-10
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109658
    titleDebian DSA-4196-1 : linux - security update
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-E71875C4AA.NASL
    descriptionThe v4.16.4 update contains fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-04-30
    plugin id109422
    published2018-04-30
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109422
    titleFedora 27 : kernel (2018-e71875c4aa)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1028.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel
    last seen2020-05-06
    modified2019-02-15
    plugin id122201
    published2019-02-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122201
    titleEulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1028)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3752-2.NASL
    descriptionUSN-3752-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that, when attempting to handle an out-of-memory situation, a NULL pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-1000200) Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10323) Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate xattr information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10840) Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly keep meta-data information consistent in some situations. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10881) Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 filesystem that caused a denial of service (system crash) when mounted. (CVE-2018-1093) Jann Horn discovered that the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id112110
    published2018-08-24
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/112110
    titleUbuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3752-2)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2018-4304.NASL
    descriptionDescription of changes: [4.14.35-1818.5.4.el7uek] - RDS: NULL pointer dereference in rds_atomic_free_op (Mohamed Ghannam) [Orabug: 28020694] {CVE-2018-5333} - x86/speculation: Make enhanced IBRS the default spectre v2 mitigation (Alejandro Jimenez) [Orabug: 28474853] - x86/speculation: Enable enhanced IBRS usage (Alejandro Jimenez) [Orabug: 28474853] - x86/speculation: functions for supporting enhanced IBRS (Alejandro Jimenez) [Orabug: 28474853] - KVM: x86: Expose CLDEMOTE CPU feature to guest VM (Jingqi Liu) [Orabug: 28938290] - x86/cpufeatures: Enumerate cldemote instruction (Fenghua Yu) [Orabug: 28938290] - libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (Fred Herard) [Orabug: 28946206] - wil6210: missing length check in wmi_set_ie (Lior David) [Orabug: 28951267] {CVE-2018-5848} - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (Andy Whitcroft) [Orabug: 28956546] {CVE-2018-7755} {CVE-2018-7755} [4.14.35-1818.5.3.el7uek] - hugetlbfs: use truncate mutex to prevent pmd sharing race (Mike Kravetz) [Orabug: 28896279] - xfs: enhance dinode verifier (Eric Sandeen) [Orabug: 28943579] {CVE-2018-10322} - xfs: move inode fork verifiers to xfs_dinode_verify (Darrick J. Wong) [Orabug: 28943579] {CVE-2018-10322} [4.14.35-1818.5.2.el7uek] - rds: crash at rds_ib_inc_copy_to_user+104 due to NULL ptr reference (Venkat Venkatsubra) [Orabug: 28748049] - kdump/vmcore: support encrypted old memory with SME enabled (Lianbo Jiang) [Orabug: 28796835] - amd_iommu: remap the device table of IOMMU with the memory encryption mask for kdump (Lianbo Jiang) [Orabug: 28796835] - kexec: allocate unencrypted control pages for kdump in case SME is enabled (Lianbo Jiang) [Orabug: 28796835] - x86/ioremap: add a function ioremap_encrypted() to remap kdump old memory (Lianbo Jiang) [Orabug: 28796835] - net/rds: Fix endless RNR situation (Venkat Venkatsubra) [Orabug: 28857013] - Btrfs: fix xattr loss after power failure (Filipe Manana) [Orabug: 28893942] - xen/balloon: Support xend-based toolstack (Boris Ostrovsky) [Orabug: 28901032] - Btrfs: fix file data corruption after cloning a range and fsync (Filipe Manana) [Orabug: 28905635] - xen-blkfront: fix kernel panic with negotiate_mq error path (Manjunath Patil) - cdrom: fix improper type cast, which can leat to information leak. (Young_X) [Orabug: 28929755] {CVE-2018-16658} {CVE-2018-10940} {CVE-2018-18710} - sched/fair: Use a recently used CPU as an idle candidate and the basis for SIS (Mel Gorman) [Orabug: 28940633] - sched/fair: Move select_task_rq_fair() slow-path into its own function (Brendan Jackman) [Orabug: 28940633] - certs: Add Oracle
    last seen2020-04-30
    modified2018-12-13
    plugin id119638
    published2018-12-13
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119638
    titleOracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2018-4304)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3718-1.NASL
    descriptionUSN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, the fix for CVE-2018-1108 introduced a regression where insufficient early entropy prevented services from starting, leading in some situations to a failure to boot, This update addresses the issue. We apologize for the inconvenience. Original advisory details : Jann Horn discovered that the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id111266
    published2018-07-24
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111266
    titleUbuntu 18.04 LTS : linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem regression (USN-3718-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3752-3.NASL
    descriptionIt was discovered that, when attempting to handle an out-of-memory situation, a NULL pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-1000200) Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10323) Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate xattr information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10840) Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly keep meta-data information consistent in some situations. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10881) Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 filesystem that caused a denial of service (system crash) when mounted. (CVE-2018-1093) Jann Horn discovered that the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id112189
    published2018-08-30
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/112189
    titleUbuntu 16.04 LTS / 18.04 LTS : linux-azure, linux-oem, linux-gcp vulnerabilities (USN-3752-3)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1509.NASL
    descriptionAccording to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A weakness was found in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id124831
    published2019-05-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124831
    titleEulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1509)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-762.NASL
    descriptionThe openSUSE Leap 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-13406: An integer overflow in the uvesafb_setcmap function could have result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used (bnc#1100418) - CVE-2018-13053: The alarm_timer_nsleep function had an integer overflow via a large relative timeout because ktime_add_safe was not used (bnc#1099924) - CVE-2018-9385: Prevent overread of the
    last seen2020-06-05
    modified2018-07-30
    plugin id111414
    published2018-07-30
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111414
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2018-762) (Spectre)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-5926C0FFC8.NASL
    descriptionThe v4.16.4 update contains fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120446
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120446
    titleFedora 28 : kernel (2018-5926c0ffc8)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2018-1023.NASL
    descriptionA weakness was found in the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id110196
    published2018-05-30
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110196
    titleAmazon Linux 2 : kernel (ALAS-2018-1023)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4188.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system. This specific attack has been named Spectre variant 2 (branch target injection) and is mitigated for the x86 architecture (amd64 and i386) by using the
    last seen2020-06-01
    modified2020-06-02
    plugin id109518
    published2018-05-02
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109518
    titleDebian DSA-4188-1 : linux - security update (Spectre)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3752-1.NASL
    descriptionIt was discovered that, when attempting to handle an out-of-memory situation, a NULL pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-1000200) Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10323) Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate xattr information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10840) Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly keep meta-data information consistent in some situations. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10881) Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 filesystem that caused a denial of service (system crash) when mounted. (CVE-2018-1093) Jann Horn discovered that the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id112109
    published2018-08-24
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/112109
    titleUbuntu 18.04 LTS : linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities (USN-3752-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-536.NASL
    descriptionThe openSUSE Leap 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-13406: An integer overflow in the uvesafb_setcmap function could have result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used (bnc#1100418) - CVE-2018-13053: The alarm_timer_nsleep function had an integer overflow via a large relative timeout because ktime_add_safe was not used (bnc#1099924) - CVE-2018-9385: Prevent overread of the
    last seen2020-06-01
    modified2020-06-02
    plugin id123226
    published2019-03-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123226
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2019-536) (Spectre)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1526.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A double free vulnerability was found in netlink_dump, which could cause a denial of service or possibly other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2016-9806i1/4%0 - Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf.(CVE-2010-5321i1/4%0 - ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2018-1108i1/4%0 - The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.(CVE-2019-7222i1/4%0 - The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, uses an incorrect integer data type, which allows attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and incorrect memory allocation) or possibly have unspecified other impact via a crafted IOCTL_KGSL_PERFCOUNTER_QUERY ioctl call.(CVE-2016-2062i1/4%0 - drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device.(CVE-2013-2896i1/4%0 - The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-3139i1/4%0 - An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges (of CAP_NET_RAW) to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function.(CVE-2017-7542i1/4%0 - Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.(CVE-2017-10810i1/4%0 - The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging unspecified privileges to execute a crafted application.(CVE-2013-6432i1/4%0 - The madvise_willneed function in the Linux kernel allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.(CVE-2017-18208i1/4%0 - An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.(CVE-2018-17182i1/4%0 - The ieee80211_radiotap_iterator_init function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service (buffer over-read) via a crafted header.(CVE-2013-7027i1/4%0 - The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time window, related to a race condition, or (2) after an xattr-replacement attempt that fails because the data does not fit.(CVE-2014-9710i1/4%0 - A flaw was found in the way the Linux kernel
    last seen2020-03-19
    modified2019-05-14
    plugin id124979
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124979
    titleEulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1526)

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/147423/GS20180502040015.txt
idPACKETSTORM:147423
last seen2018-05-07
published2018-05-01
reporterGoogle Security Research
sourcehttps://packetstormsecurity.com/files/147423/Linux-RNG-Flaws.html
titleLinux RNG Flaws