Published: 12/02/2018 Updated: 06/03/2019

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 410

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

The futex_requeue function in kernel/futex.c in the Linux kernel prior to 4.14.15 might allow malicious users to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
canonical ubuntu linux 14.04
canonical ubuntu linux 17.10
canonical ubuntu linux 12.04
canonical ubuntu linux 16.04
debian debian linux 7.0
debian debian linux 8.0
redhat enterprise linux workstation 7.0
redhat enterprise linux server eus 7.6
redhat enterprise linux server tus 7.6
redhat virtualization host 4.0
redhat enterprise linux server 7.0
redhat enterprise linux desktop 7.0
redhat enterprise linux server aus 7.6

Synopsis Important: kernel-rt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Sco ...

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...

Synopsis Important: kernel-alt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-alt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2015-9016 Ming Lei reported a race condition in the multiqueue block layer (blk-mq) On a system with a driver using blk-mq (mtip32xx, null_blk, or virtio_blk), a local user might be able ...

Several security issues were fixed in the Linux kernel ...

The futex_requeue function in kernel/futexc in the Linux kernel, before 41415, might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impacts by triggering a negative wake or requeue value Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is un ...

CWE-190 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15 https://github.com/torvalds/linux/commit/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a http://www.securityfocus.com/bid/103023 https://usn.ubuntu.com/3619-1/https://usn.ubuntu.com/3619-2/https://access.redhat.com/errata/RHSA-2018:0654 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:0676 https://www.debian.org/security/2018/dsa-4187 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://usn.ubuntu.com/3698-2/https://usn.ubuntu.com/3697-2/https://usn.ubuntu.com/3697-1/https://usn.ubuntu.com/3698-1/https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2018:0676 https://usn.ubuntu.com/3698-1/https://www.debian.org/security/./dsa-4187

CVE-2018-6927

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect