CVE-2018-8043

Related Vulnerabilities: CVE-2018-8043  

The Linux kernel was found vulnerable to a NULL pointer dereference in the drivers/net/phy/mdio-bcm-unimac.c:unimac_mdio_probe() function caused by an unchecked return value from the platform_get_resource() function. A successful flaw exploitation can cause a system panic and a denial of service. This flaw is believed not to be an attacker triggerable as bad return value can be caused by hardware misconfiguration.

The Linux kernel was found vulnerable to a NULL pointer dereference in the drivers/net/phy/mdio-bcm-unimac.c:unimac_mdio_probe() function caused by an unchecked return value from the platform_get_resource() function. A successful flaw exploitation can cause a system panic and a denial of service. This flaw is believed not to be an attacker triggerable as bad return value can be caused by hardware misconfiguration.

Find out more about CVE-2018-8043 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.

CVSS3 Base Score 4.1
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity High
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Impact None
Availability Impact High

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Not affected
Red Hat Enterprise Linux 7 kernel-alt Affected
Red Hat Enterprise Linux 7 kernel Not affected
Red Hat Enterprise Linux 7 kernel-rt Not affected
Red Hat Enterprise Linux 6 kernel Not affected
Red Hat Enterprise Linux 5 kernel Not affected