CVE-2018-17977

Published: 08/10/2018 Updated: 26/11/2018
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 4.4 | Impact Score: 3.6 | Exploitability Score: 0.8
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.

Vulnerable Product

linux linux kernel 4.14.67

Vendor Advisories

A flaw was found in the Linux kernel's handling of complex interactions between netlink, IP, and AH style packets which can enter a state where the used memory will not be freed. This can eventually use all memory and possibly crash userspace programs due to lack of available memory ...