Lucene search

[email protected]NVD:CVE-2018-5750

HistoryJan 26, 2018 - 7:29 p.m.

CVE-2018-5750

2018-01-2619:29:00

CWE-200

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤4.14.15

Node

debiandebian_linuxMatch7.0

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

Node

canonicalubuntu_linuxMatch12.04esm

canonicalubuntu_linuxMatch14.04lts

canonicalubuntu_linuxMatch16.04lts

canonicalubuntu_linuxMatch17.10

Node

redhatvirtualization_hostMatch4.0

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_server_ausMatch7.6

redhatenterprise_linux_server_eusMatch7.6

redhatenterprise_linux_server_tusMatch7.6

redhatenterprise_linux_workstationMatch7.0

References

www.securitytracker.com/id/1040319

access.redhat.com/errata/RHSA-2018:0676

access.redhat.com/errata/RHSA-2018:1062

access.redhat.com/errata/RHSA-2018:2948

lists.debian.org/debian-lts-announce/2018/05/msg00000.html

patchwork.kernel.org/patch/10174835/

usn.ubuntu.com/3631-1/

usn.ubuntu.com/3631-2/

usn.ubuntu.com/3697-1/

usn.ubuntu.com/3697-2/

usn.ubuntu.com/3698-1/

usn.ubuntu.com/3698-2/

www.debian.org/security/2018/dsa-4120

www.debian.org/security/2018/dsa-4187

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON

Related for NVD:CVE-2018-5750

prion1 cve1 debiancve1 veracode1 osv4 ubuntucve1 redhatcve1 cvelist1 nessus29 fedora24 openvas38 oraclelinux4 ubuntu6 cloudfoundry1 debian4 amazon2 photon3 ibm1 redhat3 centos1