vulnerability

SUSE: CVE-2018-5383: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:A/AC:M/Au:N/C:P/I:P/A:N)	Aug 7, 2018	Feb 19, 2019	Jun 7, 2020

Severity

CVSS

(AV:A/AC:M/Au:N/C:P/I:P/A:N)

Published

Aug 7, 2018

Added

Feb 19, 2019

Modified

Jun 7, 2020

Description

Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.

Solutions

suse-upgrade-kernel-firmwaresuse-upgrade-ucode-amd

References

SUSE-SUSE-SU-2019:0422-1
SUSE-SUSE-SU-2019:0427-1
SUSE-SUSE-SU-2019:0427-2
SUSE-SUSE-SU-2019:0466-1
UBUNTU-USN-4094-1
UBUNTU-USN-4095-1
UBUNTU-USN-4095-2
UBUNTU-USN-4118-1
UBUNTU-USN-4351-1
NVD-CVE-2018-5383

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report