CVE-2018-1068

Impact:
Important
Public Date:
2018-03-05
CWE:
CWE-119
Bugzilla:
1552048: CVE-2018-1068 kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c
A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

Find out more about CVE-2018-1068 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 8.1
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector Local
Attack Complexity High
Privileges Required None
User Interaction None
Scope Changed
Confidentiality High
Integrity Impact High
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 7 (kernel-alt) RHSA-2018:2948 2018-10-30
Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt) RHSA-2019:1190 2019-05-14
Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) RHSA-2018:1355 2018-05-08
Red Hat Enterprise Linux 7 (kernel) RHSA-2018:1318 2018-05-08
Red Hat Enterprise Linux Extended Update Support 7.4 (kernel) RHSA-2019:1170 2019-05-14

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 8 kernel Not affected
Red Hat Enterprise Linux 6 kernel Not affected
Red Hat Enterprise Linux 5 kernel Not affected
Last Modified