CVE-2018-10938

Severity

Theme

CVE-2018-10938

medium

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.

ID	Name	Product	Family	Severity
123329	openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)	Nessus	SuSE Local Security Checks	high
120118	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2018:2980-1)	Nessus	SuSE Local Security Checks	high
118328	Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3797-2)	Nessus	Ubuntu Local Security Checks	high
118327	Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3797-1)	Nessus	Ubuntu Local Security Checks	high
118034	SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3084-1)	Nessus	SuSE Local Security Checks	high
117988	openSUSE Security Update : the Linux Kernel (openSUSE-2018-1140)	Nessus	SuSE Local Security Checks	high
117908	Debian DLA-1531-1 : linux-4.9 security update	Nessus	Debian Local Security Checks	high
117862	Debian DSA-4308-1 : linux - security update	Nessus	Debian Local Security Checks	high
117802	SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2864-1)	Nessus	SuSE Local Security Checks	high
117801	SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2860-1)	Nessus	SuSE Local Security Checks	high
117800	SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2858-1)	Nessus	SuSE Local Security Checks	high
117629	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:2776-1)	Nessus	SuSE Local Security Checks	high
117523	openSUSE Security Update : the Linux Kernel (openSUSE-2018-1016)	Nessus	SuSE Local Security Checks	high
112283	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4208)	Nessus	Oracle Linux Local Security Checks	high
112282	OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0253)	Nessus	OracleVM Local Security Checks	high

CVE-2018-10938

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high