Linux Kernel 'net/ipv4/cipso_ipv4.c' Remote Denial of Service Vulnerability
BID:105154
CVE-2018-10938 |Info
Linux Kernel 'net/ipv4/cipso_ipv4.c' Remote Denial of Service Vulnerability
| Bugtraq ID: | 105154 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2018-10938 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 27 2018 12:00AM |
| Updated: | Aug 27 2018 12:00AM |
| Credit: | Vladis Dronov |
| Vulnerable: |
Linux kernel 4.12.9 Linux kernel 4.12.4 Linux kernel 4.12.3 Linux kernel 4.12.2 Linux kernel 4.11.9 Linux kernel 4.11.5 Linux kernel 4.11.4 Linux kernel 4.11.3 Linux kernel 4.11.2 Linux kernel 4.11.1 Linux kernel 4.11 Linux kernel 4.10.15 Linux kernel 4.10.13 Linux kernel 4.10.12 Linux kernel 4.10.10 Linux kernel 4.10.6 Linux kernel 4.10.4 Linux kernel 4.10 Linux kernel 4.9.36 Linux kernel 4.9.13 Linux kernel 4.9.8 Linux kernel 4.9.4 Linux kernel 4.9.3 Linux kernel 4.8.11 Linux kernel 4.7.4 Linux kernel 4.4.30 Linux kernel 4.4.29 Linux kernel 4.4.28 Linux kernel 4.4.27 Linux kernel 4.4.25 Linux kernel 4.4.24 Linux kernel 4.4.23 Linux kernel 4.4.22 Linux kernel 4.4.7 Linux kernel 4.4.2 Linux kernel 4.2.3 Linux kernel 4.1.4 Linux kernel 4.1.1 Linux kernel 4.0.6 Linux kernel 4.9.9 Linux kernel 4.9.11 Linux kernel 4.9 Linux kernel 4.8.7 Linux kernel 4.8.6 Linux kernel 4.8.3 Linux kernel 4.8.14 Linux kernel 4.8.13 Linux kernel 4.8.12 Linux kernel 4.8.1 Linux kernel 4.7.9 Linux kernel 4.6.3 Linux kernel 4.6.2 Linux kernel 4.6.1 Linux kernel 4.5.5 Linux kernel 4.5 Linux kernel 4.4.38 Linux kernel 4.4.26 Linux kernel 4.4.1 Linux kernel 4.4 Linux kernel 4.3.3 Linux kernel 4.3-rc1 Linux kernel 4.2.8 Linux kernel 4.2 Linux kernel 4.13-rc4 Linux kernel 4.13-rc1 Linux kernel 4.13 Linux kernel 4.12.10 Linux kernel 4.12.1 Linux kernel 4.12-rc1 Linux kernel 4.12 Linux kernel 4.11.8 Linux kernel 4.11.7 Linux kernel 4.11 Linux kernel 4.10.9 Linux kernel 4.10.8 Linux kernel 4.10.7 Linux kernel 4.10.5 Linux kernel 4.10.3 Linux kernel 4.10.2 Linux kernel 4.10.11 Linux kernel 4.10.1 Linux kernel 4.1.15 Linux kernel 4.1 Linux kernel 4.0.5 Linux kernel 4.0-rc1 Linux kernel 4.0 |
| Not Vulnerable: | |
Discussion
Linux Kernel 'net/ipv4/cipso_ipv4.c' Remote Denial of Service Vulnerability
Linux Kernel is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause a denial-of-service condition.
Linux Kernel is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause a denial-of-service condition.
Exploit / POC
Linux Kernel 'net/ipv4/cipso_ipv4.c' Remote Denial of Service Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Linux Kernel 'net/ipv4/cipso_ipv4.c' Remote Denial of Service Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Linux Kernel 'net/ipv4/cipso_ipv4.c' Remote Denial of Service Vulnerability
References:
References:
- Bug 1622404 - (CVE-2018-10938) CVE-2018-10938 kernel: infinite loop in net/ipv4/ (Red Hat Bugzilla)
- Cipso: cipso_v4_optptr enter infinite loop (Linux)
- cipso: don't use IPCB() to locate the CIPSO IP option (Linux)
- CVE-2018-10938 (Red Hat Bugzilla)
- Linux kernel Homepage (kernel.org)