Security Bulletin
Summary
IBM API Connect has addressed the following vulnerabilities.
Vulnerability Details
CVEID:
CVE-2018-16276
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by improper bounds checking in the yurex_read function in drivers/usb/misc/yurex.cr. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash, or gain elevated privileges.
CVSS Base Score: 7.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/149198
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-6554
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the irda_bind function. By repeatedly binding an AF_IRDA socket, a local attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/149360
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-15594
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by the improper handling of certain indirect calls. By conducting Spectre-v2 attacks against paravirtual guests, an attacker could exploit this vulnerability to leak memory contents into a CPU cache and read host kernel memory.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148547
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)
CVEID:
CVE-2018-15572
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by the failure to always fill RSB upon a context switch by the spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c. An attacker could exploit this vulnerability to conduct userspace-userspace spectreRSB attacks and obtain private data.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148546
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)
CVEID:
CVE-2018-17182
DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by the improper handling of sequence number overflows by the vmacache_flush_all function. An attacker could exploit this vulnerability using certain thread creation, map, unmap, invalidation, and dereference operations to trigger a use-after-free error and gain elevated privileges on the system.
CVSS Base Score: 8.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/150102
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-10902
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a double-free in in snd_rawmidi_input_params() and snd_rawmidi_output_status() triggered by the raw midi kernel driver. An attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with elevated privileges.
CVSS Base Score: 7.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148627
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-14633
DESCRIPTION: Linux Kernel is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the chap_server_compute_md5() function. If the iSCSI target to be enabled on the victim host, an attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash.
CVSS Base Score: 7
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/150238
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H)
CVEID:
CVE-2018-6555
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error in the irda_setsockopt function. A local attacker could exploit this vulnerability using an AF_IRDA socket to cause the system to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/149361
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-3062
DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server Server: Memcached component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/146957
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2017-18216
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in fs/ocfs2/cluster/nodemanager.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/139923
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-7603
DESCRIPTION: The Search Autocomplete for Drupal is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/151407
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
CVEID:
CVE-2018-12123
DESCRIPTION: Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting.
CVSS Base Score: 6.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/153457
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
CVEID:
CVE-2018-12122
DESCRIPTION: Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/153456
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-12121
DESCRIPTION: Node.js is vulnerable to a denial of service, caused by improper validation of HTTP headers. By sending specially-crafted HTTP requests with maximum sized headers, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/153455
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-12116
DESCRIPTION: Node.js is vulnerable to HTTP request splitting attacks, caused by improper input validation by the path option of an HTTP request. A remote attacker could exploit this vulnerability to inject arbitrary HTTP request and cause the browser to send 2 HTTP requests, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting.
CVSS Base Score: 6.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/153452
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
CVEID:
CVE-2018-0734
DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could exploit this vulnerability using variations in the signing algorithm to recover the private key.
CVSS Base Score: 3.7
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/152085
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID:
CVE-2018-0732
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key agreement in a TLS handshake. By spending an unreasonably long period of time generating a key for this prime, a remote attacker could exploit this vulnerability to cause the client to hang.
CVSS Base Score: 3.7
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/144658
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-16845
DESCRIPTION: nginx is vulnerable to a denial of service, caused by an error when compiled with the ngx_http_mp4_module. By persuading a victim to open a specially-crafted mp4 file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop or obtain sensitive information from worker process memory.
CVSS Base Score: 4.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/152681
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L)
CVEID:
CVE-2018-14647
DESCRIPTION: Python is vulnerable to a denial of service, caused by a flaw in the elementtree C accelerator. By using a specially-crafted XML document, a remote attacker could exploit this vulnerability to cause a resource exhaustion.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/150579
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-18314
DESCRIPTION: Perl is vulnerable to a heap-based buffer overflow, caused by a flaw in the S_regatom function in regcomp.c. By using a specially-crafted regular expression, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/153589
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-18313
DESCRIPTION: Perl could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer overflow in the S_grok_bslash_N function in regcomp.c. By using a specially-crafted regular expression, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/153588
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:
CVE-2018-18312
DESCRIPTION: Perl is vulnerable to a heap-based buffer overflow, caused by a flaw in the S_regatom function in regcomp.c. By using a specially-crafted regular expression, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/153587
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-18311
DESCRIPTION: Perl is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the Perl_my_setenv function. By sending a specially-crafted request, a local attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition.
CVSS Base Score: 8.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/153586
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-13053
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in alarm_timer_nsleep. By sending an overly long string, an attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/145647
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-15687
DESCRIPTION: systemd could allow a remote attacker to bypass security restrictions, caused by a race condition in the chown_one function. By sending a specially-crafted request, an attacker could exploit this vulnerability to set arbitrary permissions on arbitrary files.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/152040
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID:
CVE-2018-10880
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a stack-out-of-bounds write in the ext4 filesystem code. By using a specially-crafted ext4 image, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147436
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-13096
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds memory access flaw in fs/f2fs/super.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/145961
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-14609
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the __del_reloc_root function in fs/btrfs/relocation.c when mounting a crafted btrfs image. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147619
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-14617
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the hfsplus_lookup function in fs/hfsplus/dir.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147627
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-5407
DESCRIPTION: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on Simultaneous Multithreading (SMT) architecture. By using the PortSmash new side-channel attack, an attacker could run a malicious process next to legitimate processes using the architectures parallel thread running capabilities to leak encrypted data from the CPU''s internal processes. Note: This vulnerability is known as PortSmash.
CVSS Base Score: 5.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/152484
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:
CVE-2018-14600
DESCRIPTION: X.Org libx11 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw. By sending a specially-crafted value, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148663
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID:
CVE-2018-14599
DESCRIPTION: X.Org libx11 is vulnerable to a denial of service, caused by an off-by-one flaw in multiple functions. By sending malicious server responses, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148661
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-14598
DESCRIPTION: X.Org libx11 is vulnerable to a denial of service. By sending a specially-crafted reply, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148664
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-16429
DESCRIPTION: GNOME GLib is vulnerable to a denial of service, caused by an out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/149332
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-16428
DESCRIPTION: GNOME GLib is vulnerable to a denial of service, caused by a NULL pointer dereference in g_markup_parse_context_end_parse() in gmarkup.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/149333
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-1000222
DESCRIPTION: libgd could allow a remote attacker to execute arbitrary code on the system, caused by a double free in the gdImageBmpPtr function. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148755
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-14618
DESCRIPTION: cURL libcurl is vulnerable to a buffer overflow, caused by an integer overflow flaw in the Curl_ntlm_core_mk_nt_hash internal function in the NTLM authentication code. By sending an overly long password, a remote attacker could overflow a buffer and execute arbitrary code and cause the application to crash.
CVSS Base Score: 9.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/149359
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-5740
DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a defect in the deny-answer-aliases feature. By triggering this defect, a remote attacker could exploit this vulnerability to cause an INSIST assertion failure in name.c.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148131
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-10853
DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by the failure to check current privilege(CPL) level while emulating unprivileged instructions by the KVM hypervisor. An attacker could exploit this vulnerability to gain elevated privileges on the system.
CVSS Base Score: 7.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/149311
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-5391
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the improper handling of the reassembly of fragmented IPv4 and IPv6 packets by the IP implementation. By sending specially crafted IP fragments with random offsets, a remote attacker could exploit this vulnerability to exhaust all available CPU resources and cause a denial of service.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148388
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-9516
DESCRIPTION: Google Android could allow a local attacker to gain elevated privileges on the system, caused by an out-of-bounds write in hid_debug_events_read of drivers/hid/hid-debug.c. An attacker could exploit this vulnerability to escalate privileges.
CVSS Base Score: 8.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/152645
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-5390
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error in the tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions. By sending specially crafted packets within ongoing TCP sessions, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147950
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-5711
DESCRIPTION: PHP is vulnerable to a denial of service, caused by an integer signedness error in the imagecreatefromgif and imagecreatefromstring functions in the GD Graphics Library (aka libgd). By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 5.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/137653
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-10876
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the ext4_ext_remove_space() function. By mounting and operating on a specially crafted ext4 filesystem image, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147834
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-10881
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an out-of-bound access in the ext4_get_group_info function. By mounting and operating on a specially crafted ext4 filesystem image, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147820
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-10882
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an out-of-bound write in the fs/jbd2/transaction.c code function. By unmounting a specially crafted ext4 filesystem image, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147831
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-13094
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a flaw in the xfs_da_shrink_inode function in fs/xfs/libxfs/xfs_attr_leaf.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a kernel OOPS.
CVSS Base Score: 5.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/145959
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-3646
DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker with guest OS privilege could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts.
CVSS Base Score: 7.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148319
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)
CVEID:
CVE-2018-10877
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an out-of-bound access in the ext4_ext_drop_refs() function. By using a specially-crafted ext4 image, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147438
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2017-13168
DESCRIPTION: Google Android could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in kernel scsi driver. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to gain elevated privileges.
CVSS Base Score: 7.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/136062
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-10878
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds write in the ext4 filesystem. By mounting and operating on a specially crafted ext4 filesystem image, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147833
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-10879
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the ext4_xattr_set_entry function. By renaming a file a specially crafted ext4 filesystem image, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147832
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-12233
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a memory corruption in the ea_get function in fs/jfs/xattr.c. A local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/144767
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-13405
DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a flaw in the fs/inode.c:inode_init_owner() function. An attacker could exploit this vulnerability to create files with an unintended group ownership.
CVSS Base Score: 4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/146434
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID:
CVE-2018-13406
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c. A local attacker could exploit this vulnerability to crash the kernel or potentially gain elevated privileges.
CVSS Base Score: 7.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147005
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2016-7942
DESCRIPTION: X.Org libX11 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the XGetImage() function. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/117541
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID:
CVE-2016-7943
DESCRIPTION: X.Org libX11 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the XListFonts() function. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/117542
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID:
CVE-2018-3639
DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by utilizing sequences of speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to bypass security restrictions and gain read access to privileged memory. Note: This vulnerability is the Speculative Store Bypass (SSB), also known as Variant 4 or "SpectreNG".
CVSS Base Score: 4.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/143569
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)
CVEID:
CVE-2018-3640
DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by utilizing sequences of speculative execution that perform speculative reads of system registers. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to determine the values stored in system registers. Note: This vulnerability is the Rogue System Register Read (RSRE), also known as Variant 3a.
CVSS Base Score: 4.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/143570
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)
CVEID:
CVE-2018-3620
DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts. Note: This vulnerability is also known as the "L1 Terminal Fault (L1TF)" or "Foreshadow" attack.
CVSS Base Score: 7.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148318
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)
CVEID:
CVE-2018-10021
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by ata qc leak in the drivers/scsi/libsas/sas_scsi_host.c. By triggering certain failure conditions, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/141588
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-10087
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a flaw in the kernel_wait4 function in kernel/exit.c. By triggering an attempted use of the -INT_MIN value, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 6.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/141640
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-10124
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a flaw in the kill_something_info function in kernel/signal.c. By using an INT_MIN argument, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/141698
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-7755
DESCRIPTION: Linux Kernel could allow a local attacker to bypass security restrictions, caused by a flaw in the fd_locked_ioctl function in drivers/block/floppy.c. By using the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data, an attacker could exploit this vulnerability to bypass kernel security protections.
CVSS Base Score: 4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/140065
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID:
CVE-2017-5715
DESCRIPTION: Intel Haswell Xeon, AMD PRO and ARM Cortex A57 CPUs could allow a local authenticated attacker to obtain sensitive information, caused by a branch target injection in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to leak memory contents into a CPU cache and read host kernel memory.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/137054
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)
CVEID:
CVE-2018-0737
DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive information, caused by a cache-timing side channel attack in the RSA Key generation algorithm. An attacker with access to mount cache timing attacks during the RSA key generation process could exploit this vulnerability to recover the private key and obtain sensitive information.
CVSS Base Score: 3.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/141679
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
CVEID:
CVE-2018-1152
DESCRIPTION: Libjpeg Turbo is vulnerable to a denial of service, caused by a divide-by-zero when processing a BMP image. By persuading a victim to open a specially crafted BMP image, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/145045
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID:
CVE-2017-18258
DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by a flaw in the xz_head function in xzlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/141432
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-5814
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by multiple race condition errors when handling probe, disconnect and rebind operations in USB over IP daemon. By sending multiple USB over IP packets, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/144508
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-1116
DESCRIPTION: polkit is vulnerable to a denial of service, caused by a flaw in the implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service or obtain sensitive information.
CVSS Base Score: 7.7
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/146202
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
CVEID:
CVE-2016-10087
DESCRIPTION: libpng is vulnerable to a denial of service, caused by a NULL pointer dereference in the png_set_text_2 function. By loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/124207
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-14404
DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference in the xpath.c:xmlXPathCompOpEval() function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147260
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-7185
DESCRIPTION: NTP is vulnerable to a denial of service. By sending specially crafted packets, a remote authenticated attacker could exploit this vulnerability to reset authenticated interleaved association.
CVSS Base Score: 3.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/139783
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2016-9318
DESCRIPTION: Libxml2 could allow a remote attacker to obtain sensitive information, caused by failure to offer a flag directly indicating the status of current document. By using a specially-crafted document to conduct a XML external entity (XXE) attack, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/119018
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
CVEID:
CVE-2017-18255
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in the perf_cpu_time_max_percent_handler function in kernel/events/core.c. By using a specially-crafted input, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/141329
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-7183
DESCRIPTION: NTP is vulnerable to a buffer overflow, caused by improper bounds checking by the decodearr function. By leveraging an ntpq query and sending a response with a crafted array, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 5.6
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/140092
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID:
CVE-2017-15896
DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by an error in OpenSSL within the "error state" mechanism when directly calling SSL_read() due to TLS handshake failure. An attacker could exploit this vulnerability to bypass the decryption or encryption process and perform unauthorized actions.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/136225
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVEID:
CVE-2018-12115
DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an out-of-bounds write in Buffer. An attacker could exploit this vulnerability to write to memory outside of a Buffer''s memory space, corrupt Buffer objects or cause the process to crash.
CVSS Base Score: 8.2
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148426
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)
CVEID:
CVE-2018-7159
DESCRIPTION: Node.js http module could allow a remote attacker to bypass security restrictions, caused by the acceptance of incorrect Content-Length values, containing spaces within the value, in HTTP headers. An attacker could exploit this vulnerability to confuse the script and launch further attacks on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/143448
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID:
CVE-2018-7158
DESCRIPTION: Node.js path module is vulnerable to a denial of service. By sending a specially crafted file path, an attacker could exploit this vulnerability to cause a regular expression denial of service.
CVSS Base Score: 5.9
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/143449
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-1000168
DESCRIPTION: nghttp2 is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/141584
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-7161
DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an error within the http2 implementation. By interacting with the http2 server in an insecure manner, a remote attacker could exploit this vulnerability to cause the node server providing an http2 server to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/144736
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-7167
DESCRIPTION: Node.js is vulnerable to a denial of service. By invoking Buffer.fill() or Buffer.alloc() , a remote attacker could exploit this vulnerability to cause the application to hang.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/144740
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:
CVE-2018-7160
DESCRIPTION: Node.js inspector module could allow a remote attacker to bypass security restrictions, caused by the failure to properly validate the Host header. An attacker could exploit this vulnerability to bypass same-origin policy and conduct a DNS rebinding attack.
CVSS Base Score: 5.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/143447
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L)
CVEID:
CVE-2018-3665
DESCRIPTION: Intel Core-based microprocessors could allow a local attacker to obtain sensitive information, caused by utilizing the Lazy FP state restore technique for floating point state when context switching between application processes. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to determine register values of other processes. Note: This vulnerability is known as LazyFP.
CVSS Base Score: 4.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/144757
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)
CVEID:
CVE-2018-14567
DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by an error in xzlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 3.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148541
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-14680
DESCRIPTION: An unspecified error in libmspack related to the failure to reject blank CHM filenames has an unknown impact and attack vector.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147668
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID:
CVE-2018-14681
DESCRIPTION: libmspack could allow a remote attacker to overwrite arbitrary files, caused by an error in the kwajd_read_headers function in mspack/kwajd.c in libmspack. An attacker could exploit this vulnerability using bad KWAJ file header extensions to cause a one or two byte overwrite.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147669
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID:
CVE-2018-14679
DESCRIPTION: libmspack is vulnerable to a denial of service, caused by an off-by-one error in the CHM PMGI/PMGL chunk number validity checks in mspack/chmd.c. A remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147667
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2018-14682
DESCRIPTION: libmspack is vulnerable to a denial of service, caused by an off-by-one in mspack/chmd.c in the TOLOWER() macro for CHM decompression. A remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 5.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/147666
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID:
CVE-2017-7526
DESCRIPTION: Libgcrypt could allow a remote attacker to obtain sensitive information, caused by a cache side-channel attack when using left-to-right sliding window method by the RSA-1024 implementation. By running arbitrary software where the private key is used, an attacker could exploit this vulnerability to obtain the RSA private key.
CVSS Base Score: 6.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/128271
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N)
CVEID:
CVE-2018-9518
DESCRIPTION: Google Android could allow a local attacker to gain elevated privileges on the system, caused by an out-of-bounds write flaw in the nfc_llcp_build_sdreq_tlv function in llcp_commands.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
CVSS Base Score: 8.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/154089
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID:
CVE-2018-0495
DESCRIPTION: GnuPG Libgcrypt could allow a local attacker to obtain sensitive information, caused by a memory-cache side-channel attack on ECDSA signatures in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c. An attacker could exploit this vulnerability to recover ECDSA or DSA private keys.
CVSS Base Score: 5.1
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/144828
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:
CVE-2018-1000204
DESCRIPTION: Linux Kernel could allow a remote attacker to obtain sensitive information, caused by the improper handling of an SG_IO ioctl on /dev/sg0. By sending a specially-crafted argument, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 7.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/144557
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:
CVE-2017-13695
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c. By using a specially-rafted ACPI table, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 3.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/131022
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
CVEID:
CVE-2017-18257
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in the __get_data_block function in fs/f2fs/data.c. By using specially-crafted open and fallocate system calls with an FS_IOC_FIEMAP ioctl, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/141431
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
IBM API Connect version 5.0.8.0-5.0.8.4
Remediation/Fixes
| Affected Product | Addressed in VRMF | APAR | Remediation/First Fix |
| IBM API Connect 5.0.8.0-5.0.8.4 | 5.0.8.5 fix pack | LI80564 |
Addressed in IBM API Connect V5.0.8.5 fix pack. Follow this link and find the APIConnect-Portal package. |
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
Change History
January 28, 2018: Original bulletin published
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Document Location
Worldwide
Product Synonym
APIC;API Connect;IBM Developer Portal;
Was this topic helpful?
Document Information
Modified date:
28 January 2019
UID
ibm10843434