CVE-2018-1066

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cabfb3680f78981d26c078a26e5c748531257ebb

http://www.securityfocus.com/bid/103378

https://bugzilla.redhat.com/show_bug.cgi?id=1539599

https://github.com/torvalds/linux/commit/cabfb3680f78981d26c078a26e5c748531257ebb

https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html

https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html

https://patchwork.kernel.org/patch/10187633/

https://usn.ubuntu.com/3880-1/

https://usn.ubuntu.com/3880-2/

https://www.debian.org/security/2018/dsa-4187

https://www.debian.org/security/2018/dsa-4188

Details

Source: MITRE

Published: 2018-03-02

Updated: 2019-04-23

Type: CWE-476

Risk Information

CVSS v2

Base Score: 7.1

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

View all (15 total)

IDNameProductFamilySeverity
130736EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2274)NessusHuawei Local Security Checks
critical
124830EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1507)NessusHuawei Local Security Checks
high
124798EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1474)NessusHuawei Local Security Checks
high
124637OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0014)NessusOracleVM Local Security Checks
medium
123631Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4596)NessusOracle Linux Local Security Checks
medium
122414EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-1062)NessusHuawei Local Security Checks
high
121598Ubuntu 14.04 LTS : linux vulnerabilities (USN-3880-1)NessusUbuntu Local Security Checks
high
117569EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1260)NessusHuawei Local Security Checks
medium
111082Debian DLA-1422-2 : linux security update (Spectre)NessusDebian Local Security Checks
high
109518Debian DSA-4188-1 : linux - security update (Spectre)NessusDebian Local Security Checks
high
109517Debian DSA-4187-1 : linux - security update (Spectre)NessusDebian Local Security Checks
critical
109483EulerOS 2.0 SP1 : kernel (EulerOS-SA-2018-1085)NessusHuawei Local Security Checks
medium
109183Amazon Linux AMI : kernel (ALAS-2018-993)NessusAmazon Linux Local Security Checks
medium
108748SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0848-1)NessusSuSE Local Security Checks
critical
108705SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0834-1)NessusSuSE Local Security Checks
critical