CVE-2018-1130 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
redhat	CNA	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 12%

Vendor	Product	Version
linux	linux_kernel	𝑥 < 4.16
linux	linux_kernel	4.16:rc1
linux	linux_kernel	4.16:rc2
linux	linux_kernel	4.16:rc3
linux	linux_kernel	4.16:rc4
linux	linux_kernel	4.16:rc5
linux	linux_kernel	4.16:rc6
debian	debian_linux	7.0
debian	debian_linux	8.0
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	16.04
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_workstation	7.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 fixed
bullseye (security)	5.10.226-1 fixed
bookworm	6.1.106-3 fixed
bookworm (security)	6.1.112-1 fixed
trixie	6.11.5-1 fixed
sid	6.11.6-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

linux

bionic	not-affected
artful	Fixed 4.13.0-46.51 released
xenial	Fixed 4.4.0-127.153 released
trusty	Fixed 3.13.0-153.203 released

linux-aws

bionic	not-affected
artful	dne
xenial	Fixed 4.4.0-1060.69 released
trusty	Fixed 4.4.0-1022.22 released

linux-azure

bionic	not-affected
artful	dne
xenial	Fixed 4.15.0-1013.13~16.04.2 released
trusty	not-affected

linux-euclid

bionic	dne
artful	dne
xenial	ignored
trusty	dne

linux-flo

bionic	dne
artful	dne
xenial	ignored
trusty	dne

linux-gcp

bionic	not-affected
artful	dne
xenial	Fixed 4.15.0-1014.14~16.04.1 released
trusty	dne

linux-gke

bionic	dne
artful	dne
xenial	ignored
trusty	dne

linux-goldfish

bionic	dne
artful	dne
xenial	ignored
trusty	dne

linux-grouper

bionic	dne
artful	dne
xenial	dne
trusty	dne

linux-hwe

bionic	not-affected
artful	dne
xenial	Fixed 4.15.0-24.26~16.04.1 released
trusty	dne

linux-hwe-edge

bionic	Fixed 4.18.0-8.9~18.04.1 released
artful	dne
xenial	Fixed 4.15.0-24.26~16.04.1 released
trusty	dne

linux-kvm

bionic	not-affected
artful	dne
xenial	Fixed 4.4.0-1026.31 released
trusty	dne

linux-lts-trusty

bionic	dne
artful	dne
xenial	dne
trusty	dne

linux-lts-utopic

bionic	dne
artful	dne
xenial	dne
trusty	dne

linux-lts-vivid

bionic	dne
artful	dne
xenial	dne
trusty	dne

linux-lts-wily

bionic	dne
artful	dne
xenial	dne
trusty	dne

linux-lts-xenial

bionic	dne
artful	dne
xenial	dne
trusty	Fixed 4.4.0-127.153~14.04.1 released

linux-maguro

bionic	dne
artful	dne
xenial	dne
trusty	dne

linux-mako

bionic	dne
artful	dne
xenial	ignored
trusty	dne

linux-manta

bionic	dne
artful	dne
xenial	dne
trusty	dne

linux-oem

bionic	not-affected
artful	dne
xenial	Fixed 4.13.0-1031.35 released
trusty	dne

linux-raspi2

bionic	not-affected
artful	Fixed 4.13.0-1023.24 released
xenial	Fixed 4.4.0-1090.98 released
trusty	dne

linux-snapdragon

bionic	not-affected
artful	Fixed 4.4.0-1093.98 released
xenial	Fixed 4.4.0-1093.98 released
trusty	dne

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

https://access.redhat.com/errata/RHSA-2018:1854

https://access.redhat.com/errata/RHSA-2018:3083

https://access.redhat.com/errata/RHSA-2018:3096

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1130

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f93df79aeefc3add4e4b31a752600f834236e2

https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html

https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html

https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html

https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html

https://marc.info/?l=linux-netdev&m=152036596825220&w=2

https://syzkaller.appspot.com/bug?id=833568de043e0909b2aeaef7be136db39d21ba94

https://usn.ubuntu.com/3654-1/

https://usn.ubuntu.com/3654-2/

https://usn.ubuntu.com/3656-1/

https://usn.ubuntu.com/3697-1/

https://usn.ubuntu.com/3697-2/

https://usn.ubuntu.com/3698-1/

https://usn.ubuntu.com/3698-2/