CVE-2018-14633

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable.

References

http://www.securityfocus.com/bid/105388

https://access.redhat.com/errata/RHSA-2018:3651

https://access.redhat.com/errata/RHSA-2018:3666

https://access.redhat.com/errata/RHSA-2019:1946

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14633

https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=1816494330a83f2a064499d8ed2797045641f92c

https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=8c39e2699f8acb2e29782a834e56306da24937fe

https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html

https://seclists.org/oss-sec/2018/q3/270

https://usn.ubuntu.com/3775-1/

https://usn.ubuntu.com/3775-2/

https://usn.ubuntu.com/3776-1/

https://usn.ubuntu.com/3776-2/

https://usn.ubuntu.com/3777-1/

https://usn.ubuntu.com/3777-2/

https://usn.ubuntu.com/3777-3/

https://usn.ubuntu.com/3779-1/

https://www.debian.org/security/2018/dsa-4308

Details

Source: MITRE

Published: 2018-09-25

Updated: 2020-08-28

Type: CWE-787

Risk Information

CVSS v2

Base Score: 8.3

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:C

Impact Score: 8.5

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 7

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Impact Score: 4.7

Exploitability Score: 2.2

Severity: HIGH

Tenable Plugins

View all (52 total)

IDNameProductFamilySeverity
135525EulerOS 2.0 SP3 : kernel (EulerOS-SA-2020-1396)NessusHuawei Local Security Checks
critical
127633RHEL 7 : kernel (RHSA-2019:1946)NessusRed Hat Local Security Checks
high
127249NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Vulnerability (NS-SA-2019-0058)NessusNewStart CGSL Local Security Checks
high
127247NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Vulnerability (NS-SA-2019-0057)NessusNewStart CGSL Local Security Checks
high
125964Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4685) (SACK Panic) (SACK Slowness)NessusOracle Linux Local Security Checks
high
125755Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4670)NessusOracle Linux Local Security Checks
high
125754OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0024)NessusOracleVM Local Security Checks
high
125283SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1289-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)NessusSuSE Local Security Checks
high
124833EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1511)NessusHuawei Local Security Checks
high
124810EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1486)NessusHuawei Local Security Checks
high
123873EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1187)NessusHuawei Local Security Checks
high
123868EulerOS Virtualization 2.5.3 : kernel (EulerOS-SA-2019-1182)NessusHuawei Local Security Checks
high
123635SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0828-1)NessusSuSE Local Security Checks
high
123329openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)NessusSuSE Local Security Checks
high
122201EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1028)NessusHuawei Local Security Checks
high
122007Photon OS 2.0: Linux PHSA-2018-2.0-0109NessusPhotonOS Local Security Checks
high
121505Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-030-01)NessusSlackware Local Security Checks
high
121208SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0095-1)NessusSuSE Local Security Checks
high
120430Fedora 29 : kernel / kernel-headers / kernel-tools (2018-5453baa4af)NessusFedora Local Security Checks
high
120235Fedora 28 : kernel / kernel-headers / kernel-tools (2018-0edb45d9db)NessusFedora Local Security Checks
high
120130SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2018:3159-1)NessusSuSE Local Security Checks
high
119921EulerOS 2.0 SP2 : kernel (EulerOS-SA-2018-1432)NessusHuawei Local Security Checks
high
119662CentOS 7 : kernel (CESA-2018:3651)NessusCentOS Local Security Checks
high
119251Scientific Linux Security Update : kernel on SL7.x x86_64 (20181127)NessusScientific Linux Local Security Checks
high
119247Oracle Linux 7 : kernel (ELSA-2018-3651)NessusOracle Linux Local Security Checks
high
119173RHEL 7 : kernel-rt (RHSA-2018:3666)NessusRed Hat Local Security Checks
high
119169RHEL 7 : kernel (RHSA-2018:3651)NessusRed Hat Local Security Checks
high
119073EulerOS Virtualization 2.5.2 : kernel (EulerOS-SA-2018-1382)NessusHuawei Local Security Checks
high
119034SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3789-1)NessusSuSE Local Security Checks
high
118952SUSE SLES11 Security Update : kernel (SUSE-SU-2018:3746-1)NessusSuSE Local Security Checks
high
118882SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:3689-1)NessusSuSE Local Security Checks
high
118747SUSE SLES11 Security Update : kernel (SUSE-SU-2018:3618-1)NessusSuSE Local Security Checks
high
118460SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3470-1)NessusSuSE Local Security Checks
high
118349SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3328-1)NessusSuSE Local Security Checks
high
118322Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-3777-3) (Spectre)NessusUbuntu Local Security Checks
high
118318SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3265-1)NessusSuSE Local Security Checks
high
118223SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3238-1)NessusSuSE Local Security Checks
high
118194openSUSE Security Update : the Linux Kernel (openSUSE-2018-1184)NessusSuSE Local Security Checks
high
118175SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3173-1)NessusSuSE Local Security Checks
high
118174SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3172-1)NessusSuSE Local Security Checks
high
118173SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3171-1)NessusSuSE Local Security Checks
high
118041Amazon Linux 2 : kernel (ALAS-2018-1086)NessusAmazon Linux Local Security Checks
high
117988openSUSE Security Update : the Linux Kernel (openSUSE-2018-1140)NessusSuSE Local Security Checks
high
117923Amazon Linux AMI : kernel (ALAS-2018-1086)NessusAmazon Linux Local Security Checks
high
117908Debian DLA-1531-1 : linux-4.9 security updateNessusDebian Local Security Checks
high
117873Ubuntu 16.04 LTS : linux-hwe, linux-gcp vulnerabilities (USN-3777-2)NessusUbuntu Local Security Checks
high
117872Ubuntu 18.04 LTS : linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities (USN-3777-1)NessusUbuntu Local Security Checks
high
117871Ubuntu 14.04 LTS : linux-lts-xenial, linux-aws vulnerabilities (USN-3776-2)NessusUbuntu Local Security Checks
high
117870Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-3776-1)NessusUbuntu Local Security Checks
high
117869Ubuntu 14.04 LTS : linux vulnerabilities (USN-3775-1)NessusUbuntu Local Security Checks
high
117862Debian DSA-4308-1 : linux - security updateNessusDebian Local Security Checks
high
117842Fedora 27 : kernel / kernel-headers / kernel-tools (2018-c0a1284064)NessusFedora Local Security Checks
high