CVE-2018-14775

tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
VendorProductVersion
openbsdopenbsd
6.2
openbsdopenbsd
6.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c.diff?r1=1.37&r2=1.37.8.1&f=h
http://www.securitytracker.com/id/1041550
https://ftp.openbsd.org/pub/OpenBSD/patches/6.2/common/020_ioport.patch.sig
https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/015_ioport.patch.sig
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c.diff?r1=1.37&r2=1.37.8.1&f=h
http://www.securitytracker.com/id/1041550
https://ftp.openbsd.org/pub/OpenBSD/patches/6.2/common/020_ioport.patch.sig
https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/015_ioport.patch.sig