Lucene search

K

MitreCVELIST:CVE-2018-11506

HistoryMay 28, 2018 - 4:00 a.m.

CVE-2018-11506

2018-05-2804:00:00

mitre

www.cve.org

8.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call.

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f7068114d45ec55996b9040e98111afa56e010fe

access.redhat.com/errata/RHSA-2018:2948

github.com/torvalds/linux/commit/f7068114d45ec55996b9040e98111afa56e010fe

lists.debian.org/debian-lts-announce/2018/07/msg00015.html

lists.debian.org/debian-lts-announce/2018/07/msg00016.html

lists.debian.org/debian-lts-announce/2018/07/msg00020.html

twitter.com/efrmv/status/1001574894273007616

usn.ubuntu.com/3752-1/

usn.ubuntu.com/3752-2/

usn.ubuntu.com/3752-3/

8.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Related for CVELIST:CVE-2018-11506

nvd1 debiancve1 prion1 redhatcve1 nessus9 ubuntucve1 cve1 fedora48 openvas54 osv2 debian3 ubuntu3 cloudfoundry1 redhat1