CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-17977

The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.0%

CVSS Severity

CVSS v3 Score 4.4

CVSS v2 Score 4.9

References

http://www.securityfocus.com/bid/105539
https://www.openwall.com/lists/oss-security/2018/10/05/5
http://www.securityfocus.com/bid/105539
https://www.openwall.com/lists/oss-security/2018/10/05/5

Products affected by CVE-2018-17977

Linux » Linux Kernel » Version: 4.14.67

cpe:2.3:o:linux:linux_kernel:4.14.67

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17977

Products

Pricing

Contact Us