CVE-2018-10872

kernel: error in exception handling leads to DoS (CVE-2018-8897 regression)

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

Se ha encontrado un error en la forma en la que el kernel de Linux manejó las excepciones lanzadas tras una operación de cambio de pila mediante las instrucciones Mov SS o Pop SS. Durante la operación de cambio de pila, el procesador no lanzó interrupciones y excepciones, sino que las lanza una vez se ha ejecutado la primera instrucción tras el cambio de pila. Un usuario del sistema no privilegiado podría emplear este error para provocar el cierre inesperado del kernel del sistema, lo que resulta en una denegación de servicio (DoS). Este CVE-2018-10872 se asignó debido a la regresión de CVE-2018-8897 en el kernel de Red Hat Enterprise Linux 6.10 GA. Ninguna otra versión se ha visto afectada por este CVE.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-05-09 CVE Reserved
2018-07-10 CVE Published
2023-07-04 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-250: Execution with Unnecessary Privileges

CAPEC

References (6)

URL	Tag	Source
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	X_refsource_confirm
https://www.oracle.com/security-alerts/cpujul2020.html	X_refsource_misc

URL	Date	SRC

URL	Date	SRC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10872	2023-02-12

URL	Date	SRC
https://access.redhat.com/errata/RHSA-2018:2164	2023-02-12
https://access.redhat.com/security/cve/CVE-2018-10872	2018-07-10
https://bugzilla.redhat.com/show_bug.cgi?id=1596094	2018-07-10

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				6.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				6.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				6.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "6.0"		-		Affected