vulnerability
SUSE: CVE-2018-10938: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Aug 27, 2018 | Sep 18, 2018 | Feb 4, 2022 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
Aug 27, 2018
Added
Sep 18, 2018
Modified
Feb 4, 2022
Description
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.
Solution(s)
suse-upgrade-kernel-azure-basesuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-default-mansuse-upgrade-kernel-devel-azuresuse-upgrade-kernel-docssuse-upgrade-kernel-docs-azuresuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-source-azure
References
- SUSE-SUSE-SU-2018:2775-1
- SUSE-SUSE-SU-2018:2776-1
- SUSE-SUSE-SU-2018:2858-1
- SUSE-SUSE-SU-2018:2860-1
- SUSE-SUSE-SU-2018:2862-1
- SUSE-SUSE-SU-2018:2864-1
- SUSE-SUSE-SU-2018:2935-1
- SUSE-SUSE-SU-2018:2938-1
- SUSE-SUSE-SU-2018:2940-1
- SUSE-SUSE-SU-2018:2961-1
- SUSE-SUSE-SU-2018:2962-1
- SUSE-SUSE-SU-2018:2963-1
- SUSE-SUSE-SU-2018:2964-1
- SUSE-SUSE-SU-2018:2980-1
- SUSE-SUSE-SU-2018:2981-1
- SUSE-SUSE-SU-2018:3029-1
- SUSE-SUSE-SU-2018:3084-1
- SUSE-SUSE-SU-2018:3961-1
- UBUNTU-USN-3797-1
- UBUNTU-USN-3797-2
- DEBIAN-DSA-4308
- NVD-CVE-2018-10938
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.