CVE-2018-1000199

MEDIUM
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.

References

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html

http://www.securitytracker.com/id/1040806

https://access.redhat.com/errata/RHSA-2018:1318

https://access.redhat.com/errata/RHSA-2018:1345

https://access.redhat.com/errata/RHSA-2018:1347

https://access.redhat.com/errata/RHSA-2018:1348

https://access.redhat.com/errata/RHSA-2018:1354

https://access.redhat.com/errata/RHSA-2018:1355

https://access.redhat.com/errata/RHSA-2018:1374

https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html

https://lkml.org/lkml/2018/4/6/813

https://usn.ubuntu.com/3641-1/

https://usn.ubuntu.com/3641-2/

https://www.debian.org/security/2018/dsa-4187

https://www.debian.org/security/2018/dsa-4188

Details

Source: MITRE

Published: 2018-05-24

Updated: 2020-08-24

Type: CWE-119

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Tenable Plugins

View all (89 total)

IDNameProductFamilySeverity
140378SUSE SLES15 Security Update : kernel (SUSE-SU-2020:2487-1)NessusSuSE Local Security Checks
medium
138679openSUSE Security Update : the Linux Kernel (openSUSE-2020-801)NessusSuSE Local Security Checks
medium
138272SUSE SLES15 Security Update : kernel (SUSE-SU-2020:1663-1)NessusSuSE Local Security Checks
critical
137617SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1605-1)NessusSuSE Local Security Checks
medium
137616SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1603-1)NessusSuSE Local Security Checks
medium
137615SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1602-1)NessusSuSE Local Security Checks
medium
137613SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:1599-1)NessusSuSE Local Security Checks
medium
137608SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1587-1)NessusSuSE Local Security Checks
medium
127192NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0028)NessusNewStart CGSL Local Security Checks
high
127185NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0025)NessusNewStart CGSL Local Security Checks
high
118272SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1855-2)NessusSuSE Local Security Checks
high
117575EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1266)NessusHuawei Local Security Checks
medium
117572EulerOS Virtualization 2.5.1 : kernel (EulerOS-SA-2018-1263)NessusHuawei Local Security Checks
high
111022OracleVM 3.3 : Unbreakable / etc (OVMSA-2018-0237)NessusOracleVM Local Security Checks
high
110998Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4164)NessusOracle Linux Local Security Checks
high
110860EulerOS 2.0 SP3 : kernel (EulerOS-SA-2018-1196)NessusHuawei Local Security Checks
high
110838SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1855-1)NessusSuSE Local Security Checks
high
110585Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2018-4145)NessusOracle Linux Local Security Checks
medium
110583Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4134)NessusOracle Linux Local Security Checks
high
110581OracleVM 3.3 : Unbreakable / etc (OVMSA-2018-0231)NessusOracleVM Local Security Checks
high
110526OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0228) (Spectre)NessusOracleVM Local Security Checks
high
110404Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4126) (Spectre)NessusOracle Linux Local Security Checks
medium
110381SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1551-1)NessusSuSE Local Security Checks
medium
110380SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1550-1)NessusSuSE Local Security Checks
medium
110359SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1525-1)NessusSuSE Local Security Checks
medium
110343SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1508-1)NessusSuSE Local Security Checks
medium
110245CentOS 7 : kernel (CESA-2018:1318)NessusCentOS Local Security Checks
high
110197Amazon Linux AMI : kernel (ALAS-2018-1023)NessusAmazon Linux Local Security Checks
high
110196Amazon Linux 2 : kernel (ALAS-2018-1023)NessusAmazon Linux Local Security Checks
high
110136EulerOS 2.0 SP1 : kernel (EulerOS-SA-2018-1132)NessusHuawei Local Security Checks
medium
110104openSUSE Security Update : the Linux Kernel (openSUSE-2018-514) (Spectre)NessusSuSE Local Security Checks
high
110041SUSE SLES11 Security Update : kernel (SUSE-SU-2018:1376-1) (Spectre)NessusSuSE Local Security Checks
high
110040SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1375-1) (Spectre)NessusSuSE Local Security Checks
high
110039SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1374-1) (Spectre)NessusSuSE Local Security Checks
high
110035SUSE SLES11 Security Update : kernel (SUSE-SU-2018:1368-1) (Spectre)NessusSuSE Local Security Checks
high
110033SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:1366-1) (Spectre)NessusSuSE Local Security Checks
high
109922Virtuozzo 7 : readykernel-patch (VZA-2018-030)NessusVirtuozzo Local Security Checks
medium
109831RHEL 7 : kernel-alt (RHSA-2018:1374)NessusRed Hat Local Security Checks
medium
109797SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1273-1)NessusSuSE Local Security Checks
high
109796SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1272-1)NessusSuSE Local Security Checks
high
109795SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1269-1)NessusSuSE Local Security Checks
high
109794SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1268-1)NessusSuSE Local Security Checks
high
109793SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1267-1)NessusSuSE Local Security Checks
high
109792SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1266-1)NessusSuSE Local Security Checks
high
109791SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1264-1)NessusSuSE Local Security Checks
high
109790SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1262-1)NessusSuSE Local Security Checks
high
109789SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1261-1)NessusSuSE Local Security Checks
high
109788SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1259-1)NessusSuSE Local Security Checks
high
109787SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1258-1)NessusSuSE Local Security Checks
medium
109786SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1257-1)NessusSuSE Local Security Checks
high
109785SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1256-1)NessusSuSE Local Security Checks
high
109784SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1255-1)NessusSuSE Local Security Checks
high
109783SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1254-1)NessusSuSE Local Security Checks
high
109782SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1253-1)NessusSuSE Local Security Checks
high
109781SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1251-1)NessusSuSE Local Security Checks
high
109780SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1250-1)NessusSuSE Local Security Checks
high
109779SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1247-1)NessusSuSE Local Security Checks
high
109778SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1245-1)NessusSuSE Local Security Checks
high
109777SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1244-1)NessusSuSE Local Security Checks
high
109776SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1243-1)NessusSuSE Local Security Checks
high
109775SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1242-1)NessusSuSE Local Security Checks
high
109774SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1241-1)NessusSuSE Local Security Checks
high
109773SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1239-1)NessusSuSE Local Security Checks
medium
109772SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1237-1)NessusSuSE Local Security Checks
high
109771SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1236-1)NessusSuSE Local Security Checks
high
109770SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1235-1)NessusSuSE Local Security Checks
high
109769SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1234-1)NessusSuSE Local Security Checks
high
109768SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1233-1)NessusSuSE Local Security Checks
high
109767SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1232-1)NessusSuSE Local Security Checks
high
109766SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1231-1)NessusSuSE Local Security Checks
high
109765SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1230-1)NessusSuSE Local Security Checks
high
109764SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1229-1)NessusSuSE Local Security Checks
high
109763SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1227-1)NessusSuSE Local Security Checks
high
109762SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1226-1)NessusSuSE Local Security Checks
high
109761SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1224-1)NessusSuSE Local Security Checks
high
109760SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1223-1)NessusSuSE Local Security Checks
medium
109759SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1222-1)NessusSuSE Local Security Checks
high
109754RHEL 6 : MRG (RHSA-2018:1354)NessusRed Hat Local Security Checks
high
109665Oracle Linux 7 : kernel (ELSA-2018-1318)NessusOracle Linux Local Security Checks
high
109650Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : linux, linux-aws, linux-azure, linux-euclid, linux-gcp, linux-hwe, (USN-3641-1)NessusUbuntu Local Security Checks
high
109644Scientific Linux Security Update : kernel on SL7.x x86_64 (20180508)NessusScientific Linux Local Security Checks
high
109642RHEL 7 : kernel-rt (RHSA-2018:1355)NessusRed Hat Local Security Checks
high
109638RHEL 7 : kernel (RHSA-2018:1348)NessusRed Hat Local Security Checks
high
109637RHEL 7 : kernel (RHSA-2018:1347)NessusRed Hat Local Security Checks
high
109635RHEL 7 : kernel (RHSA-2018:1345)NessusRed Hat Local Security Checks
high
109633RHEL 7 : kernel (RHSA-2018:1318)NessusRed Hat Local Security Checks
high
109531Debian DLA-1369-1 : linux security update (Spectre)NessusDebian Local Security Checks
critical
109518Debian DSA-4188-1 : linux - security update (Spectre)NessusDebian Local Security Checks
high
109517Debian DSA-4187-1 : linux - security update (Spectre)NessusDebian Local Security Checks
critical