CVE-2018-11237

Impact:
Moderate
Public Date:
2018-05-17
CWE:
CWE-119
Bugzilla:
1581274: CVE-2018-11237 glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper
A buffer overflow has been discovered in the GNU C Library (aka glibc or libc6) in the __mempcpy_avx512_no_vzeroupper function when particular conditions are met. An attacker could use this vulnerability to cause a denial of service or potentially execute code.

Find out more about CVE-2018-11237 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 5.6
CVSS3 Base Metrics CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity Impact Low
Availability Impact Low

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 7 (glibc) RHSA-2018:3092 2018-10-30

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 8 glibc Not affected
Red Hat Enterprise Linux 7 compat-glibc Not affected
Red Hat Enterprise Linux 6 glibc Not affected
Red Hat Enterprise Linux 6 compat-glibc Not affected
Red Hat Enterprise Linux 5 compat-glibc Not affected
Red Hat Enterprise Linux 5 glibc Not affected
Last Modified