A flaw was found in the Linux kernel’s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
debian_linuxeq8.0
linux_kernelge3.7
linux_kernellt3.16.65
linux_kernelge4.5
linux_kernellt4.9.151
linux_kernelge4.10
linux_kernellt4.14.94
linux_kernelge4.15

Name	Operator	Version
ubuntu_linux	eq	16.04
ubuntu_linux	eq	14.04
debian_linux	eq	8.0
linux_kernel	ge	3.7
linux_kernel	lt	3.16.65
linux_kernel	ge	4.5
linux_kernel	lt	4.9.151
linux_kernel	ge	4.10
linux_kernel	lt	4.14.94
linux_kernel	ge	4.15

Rows per page:

1-10 of 191

References

www.securityfocus.com/bid/106253

access.redhat.com/errata/RHSA-2019:1873

access.redhat.com/errata/RHSA-2019:1891

access.redhat.com/errata/RHSA-2019:2696

access.redhat.com/errata/RHSA-2019:2730

access.redhat.com/errata/RHSA-2019:3309

access.redhat.com/errata/RHSA-2019:3517

access.redhat.com/errata/RHSA-2020:0204

bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16884

lists.debian.org/debian-lts-announce/2019/03/msg00034.html

lists.debian.org/debian-lts-announce/2019/04/msg00004.html

lists.debian.org/debian-lts-announce/2019/05/msg00002.html

patchwork.kernel.org/cover/10733767/

patchwork.kernel.org/patch/10733769/

support.f5.com/csp/article/K21430012

usn.ubuntu.com/3932-1/

usn.ubuntu.com/3932-2/

usn.ubuntu.com/3980-1/

usn.ubuntu.com/3980-2/

usn.ubuntu.com/3981-1/

usn.ubuntu.com/3981-2/

www.oracle.com/security-alerts/cpuApr2021.html

openvas 32

ubuntucve 1

nessus 53

veracode 1

fedora 3

f5 1

debiancve 1

redhatcve 1

nvd 1

virtuozzo 1

cve 1

amazon 2

cvelist 1

oraclelinux 6

centos 1

redhat 8

mageia 3

ubuntu 6

cloudfoundry 2

suse 2

osv 2

debian 3

slackware 1

ibm 1

lenovo 1

oracle 1

openvas

Fedora Update for kernel-tools FEDORA-2019-20a89ca9af

2019-01-22 00:00:00

Fedora Update for kernel-headers FEDORA-2019-20a89ca9af

2019-01-22 00:00:00

SUSE: Security Advisory (SUSE-SU-2019:0326-1)

2021-04-19 00:00:00

ubuntucve

CVE-2018-16884

2018-12-18 00:00:00

nessus

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0356-1)

2019-02-14 00:00:00

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0326-1)

2019-02-12 00:00:00

Fedora 28 : kernel / kernel-headers / kernel-tools (2019-20a89ca9af)

2019-01-22 00:00:00

veracode

Privilege Escalation

2019-08-05 00:16:14

fedora

[SECURITY] Fedora 28 Update: kernel-tools-4.19.16-200.fc28

2019-01-22 01:35:57

[SECURITY] Fedora 28 Update: kernel-headers-4.19.16-200.fc28

2019-01-22 01:35:57

[SECURITY] Fedora 28 Update: kernel-4.19.16-200.fc28

2019-01-22 01:35:57

K21430012 : Linux kernel vulnerability CVE-2018-16884

2019-04-09 00:00:00

debiancve

CVE-2018-16884

2018-12-18 22:29:04

redhatcve

CVE-2018-16884

2020-04-09 07:12:27

nvd

CVE-2018-16884

2018-12-18 22:29:04

virtuozzo

Important kernel security update: Virtuozzo ReadyKernel patch 69.0 for Virtuozzo 7.0.4 HF3 to 7.0.8 HF1

2018-12-24 00:00:00

cve

CVE-2018-16884

2018-12-18 22:29:04

amazon

Important: kernel

2019-01-25 02:26:00

Important: kernel

2019-01-23 23:20:00

cvelist

CVE-2018-16884

2018-12-18 22:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2020-09-10 00:00:00

kernel security, bug fix, and enhancement update

2019-07-30 00:00:00

kernel security, bug fix, and enhancement update

2019-11-14 00:00:00

centos

bpftool, kernel, perf, python security update

2019-07-31 13:31:33

redhat

(RHSA-2019:1891) Important: kernel-rt security and bug fix update

2019-07-29 12:49:37

(RHSA-2019:1873) Important: kernel security, bug fix, and enhancement update

2019-07-29 12:49:26

(RHSA-2019:2730) Important: kernel-rt security and bug fix update

2019-09-11 07:20:53

mageia

Updated kernel packages fix security vulnerabilities

2019-02-21 02:50:36

Updated kernel-linus packages fix security vulnerabilities

2019-02-21 02:50:36

Updated kernel-tmb packages fixes security vulnerabilities

2019-05-16 11:25:22

ubuntu

Linux kernel vulnerabilities

2019-05-14 00:00:00

Linux kernel (HWE) vulnerabilities

2019-05-15 00:00:00

Linux kernel vulnerabilities

2019-05-14 00:00:00

cloudfoundry

USN-3981-2: Linux kernel (HWE) vulnerabilities (AKA ZombieLoad Attack) | Cloud Foundry

2019-05-20 00:00:00

USN-3932-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

2019-04-12 00:00:00

suse

Security update for the Linux Kernel (important)

2019-02-06 00:00:00

Security update for the Linux Kernel (important)

2019-01-18 00:00:00

osv

linux-4.9 - security update

2019-04-29 00:00:00

linux - security update

2019-03-26 00:00:00

debian

[SECURITY] [DLA 1771-1] linux-4.9 security update

2019-05-03 10:07:46

[SECURITY] [DLA 1731-2] linux regression update

2019-04-01 18:39:17

[SECURITY] [DLA 1731-1] linux security update

2019-03-27 16:39:16

slackware

[slackware-security] Slackware 14.2 kernel

2019-01-31 00:22:22

ibm

Security Bulletin: IBM QRadar SIEM is vulnerable to multiple Kernel vulnerabilities

2019-11-06 19:05:13

lenovo

AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US

2020-04-13 19:22:04

oracle

Oracle Critical Patch Update Advisory - April 2021

2021-04-20 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

JSON

Related for PRION:CVE-2018-16884