CVE-2018-15688

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
canonicalCNA
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
systemd_projectsystemd
𝑥
≤ 239
debiandebian_linux
8.0
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
18.10
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_server_aus
7.6
redhatenterprise_linux_server_eus
7.6
redhatenterprise_linux_server_tus
7.6
redhatenterprise_linux_workstation
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
network-manager
bullseye
1.30.6-1+deb11u1
fixed
jessie
not-affected
bookworm
1.42.4-1
fixed
sid
1.50.0-1
fixed
trixie
1.50.0-1
fixed
systemd
bullseye
247.3-7+deb11u5
fixed
jessie
not-affected
bullseye (security)
247.3-7+deb11u6
fixed
bookworm
252.30-1~deb12u2
fixed
sid
256.7-3
fixed
trixie
256.7-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
network-manager
cosmic
Fixed 1.12.4-1ubuntu1.1
released
bionic
Fixed 1.10.6-2ubuntu1.1
released
xenial
Fixed 1.2.6-0ubuntu0.16.04.3
released
trusty
dne
systemd
cosmic
Fixed 239-7ubuntu10.1
released
bionic
Fixed 237-3ubuntu10.4
released
xenial
Fixed 229-4ubuntu21.6
released
trusty
not-affected
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/105745
https://access.redhat.com/errata/RHBA-2019:0327
https://access.redhat.com/errata/RHSA-2018:3665
https://access.redhat.com/errata/RHSA-2019:0049
https://github.com/systemd/systemd/pull/10518
https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html
https://security.gentoo.org/glsa/201810-10
https://usn.ubuntu.com/3806-1/
https://usn.ubuntu.com/3807-1/
http://www.securityfocus.com/bid/105745
https://access.redhat.com/errata/RHBA-2019:0327
https://access.redhat.com/errata/RHSA-2018:3665
https://access.redhat.com/errata/RHSA-2019:0049
https://github.com/systemd/systemd/pull/10518
https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html
https://security.gentoo.org/glsa/201810-10
https://usn.ubuntu.com/3806-1/
https://usn.ubuntu.com/3807-1/