Warning message

This translation is outdated. For the most up-to-date information, please refer to the English version.

CVE-2018-14619

Impact:
Important
Public Date:
2018-08-28
CWE:
CWE-416
Bugzilla:
1622004: CVE-2018-14619 kernel: kernel crypto api でのクラッシュ (privesc の可能性)
crypto サブシステムで脆弱性が発見され、攻撃者は細工されたプログラムを使ってシステムをクラッシュさせたり、権限をエスカレートすることが可能です。

Find out more about CVE-2018-14619 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.

CVSS3 Base Score 6.2
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Impact None
Availability Impact High

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel 影響なし
Red Hat Enterprise Linux 7 kernel 影響なし
Red Hat Enterprise Linux 7 kernel-alt 影響あり
Red Hat Enterprise Linux 6 kernel 影響なし
Red Hat Enterprise Linux 5 kernel 影響なし

Acknowledgements

この問題をご報告いただいた Red Hat Engineering の Florian Weimer 氏および Ondrej Mosnacek 氏に謝意を表します。

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.