CVE-2018-5748 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 80%

Vendor	Product	Version
redhat	libvirt	-
debian	debian_linux	7.0
debian	debian_linux	8.0
debian	debian_linux	9.0
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_server_aus	7.6
redhat	enterprise_linux_server_eus	7.5
redhat	enterprise_linux_server_eus	7.6
redhat	enterprise_linux_server_tus	7.6
redhat	enterprise_linux_workstation	6.0
redhat	enterprise_linux_workstation	7.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

libvirt

bullseye	7.0.0-3+deb11u3 fixed
bookworm	9.0.0-4+deb12u1 fixed
sid	10.9.0-1 fixed
trixie	10.9.0-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

libvirt

hirsute	not-affected
groovy	not-affected
focal	not-affected
eoan	not-affected
disco	not-affected
cosmic	not-affected
bionic	not-affected
artful	Fixed 3.6.0-1ubuntu6.3 released
xenial	Fixed 1.3.1-1ubuntu10.19 released
trusty	Fixed 1.2.2-0ubuntu13.1.26 released

Common Weakness Enumeration

CWE-400 - Uncontrolled Resource Consumption
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References

http://www.securityfocus.com/bid/102825

https://access.redhat.com/errata/RHSA-2018:1396

https://access.redhat.com/errata/RHSA-2018:1929

https://lists.debian.org/debian-lts-announce/2018/03/msg00018.html

https://www.debian.org/security/2018/dsa-4137

https://www.redhat.com/archives/libvir-list/2018-January/msg00527.html

http://www.securityfocus.com/bid/102825

https://access.redhat.com/errata/RHSA-2018:1396

https://access.redhat.com/errata/RHSA-2018:1929

https://lists.debian.org/debian-lts-announce/2018/03/msg00018.html

https://www.debian.org/security/2018/dsa-4137

https://www.redhat.com/archives/libvir-list/2018-January/msg00527.html