1. Home
  2. Vulnerabilities
  3. CVE-2018-1000026

CVE-2018-1000026

CVSS v3.1 7.7 (High)
77% Progress
CVSS v2.0 6.8 (Medium)
68% Progress
EPSS 0.29 % (69th)
0.29% Progress
Affected Products 7
Advisories 44
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..

Weaknesses
CWE-20
Improper Input Validation
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2018-02-09 23:29:00
(6 years ago)
Updated Date
2023-10-03 15:39:18
(11 months ago)

Affected Products

Canonical

Debian

Linux

Redhat

Configuration #1

    CPE23 From Up To
  Linux Kernel from 2.6.12 version and prior 4.4.181 version cpe:2.3:o:linux:linux_kernel >= 2.6.12 < 4.4.181
  Linux Kernel from 4.5.0 version and prior 4.9.159 version cpe:2.3:o:linux:linux_kernel >= 4.5.0 < 4.9.159
  Linux Kernel from 4.10 version and prior 4.14.102 version cpe:2.3:o:linux:linux_kernel >= 4.10 < 4.14.102
  Linux Kernel from 4.15 version and prior 4.16 version cpe:2.3:o:linux:linux_kernel >= 4.15 < 4.16

Configuration #2

    CPE23 From Up To
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts
  Canonical Ubuntu Linux 17.10 cpe:2.3:o:canonical:ubuntu_linux:17.10

Configuration #3

    CPE23 From Up To
  Redhat Enterprise Linux 7.0 cpe:2.3:o:redhat:enterprise_linux:7.0
  Redhat Enterprise Linux Desktop 7.0 cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  Redhat Enterprise Linux Server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0
  Redhat Enterprise Linux Workstation 7.0 cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Configuration #4

    CPE23 From Up To
  Debian Linux 8.0 cpe:2.3:o:debian:debian_linux:8.0