CVE-2018-6927

CVSS v3.0 7.8 (High)

CVSS v2.0 4.6 (Medium)

EPSS 0.06 % (28^th)

Affected Products 10

Advisories 17

The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.

Weaknesses

CWE-190: Integer Overflow or Wraparound

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2018-02-12 19:29:01
(6 years ago)
Updated Date: 2019-03-06 21:38:42
(5 years ago)

Affected Products

Redhat

Configuration #1

		CPE23	From	Up To
	Linux Kernel prior 4.14.15 version	cpe:2.3:o:linux:linux_kernel		< 4.14.15

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:esm
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts
	Canonical Ubuntu Linux 17.10	cpe:2.3:o:canonical:ubuntu_linux:17.10

Configuration #3

		CPE23	From	Up To
	Debian Linux 7.0	cpe:2.3:o:debian:debian_linux:7.0
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0

Configuration #4

		CPE23	From	Up To
	Redhat Virtualization Host 4.0	cpe:2.3:a:redhat:virtualization_host:4.0
	Redhat Enterprise Linux Desktop 7.0	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
	Redhat Enterprise Linux Server 7.0	cpe:2.3:o:redhat:enterprise_linux_server:7.0
	Redhat Enterprise Linux Server Aus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
	Redhat Enterprise Linux Server Eus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
	Redhat Enterprise Linux Server Tus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
	Redhat Enterprise Linux Workstation 7.0	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Weaknesses

Affected Products

Canonical

Debian

Linux

Redhat

Configuration #1

Configuration #2

Configuration #3

Configuration #4