Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-18445

In the Linux kernel 4.14.x before 4.14.75 and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.

Source

Severity Low

Remote No

Type Denial of service

Description

In the Linux kernel 4.14.x before 4.14.75 and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.

AVG-801 linux-lts 4.14.74-1 4.14.75-1 Low Fixed

AVG-784 linux 4.18.12.arch4-1 4.18.13.arch4-1 Low Fixed

01 Nov 2018 ASA-201811-2 AVG-801 linux-lts Low denial of service

01 Nov 2018 ASA-201811-1 AVG-784 linux Low denial of service

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b799207e1e1816b09e7a5920fbb2d5fcf6edd681
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.13
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.75
https://bugs.chromium.org/p/project-zero/issues/detail?id=1686
https://seclists.org/oss-sec/2018/q4/69

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect