CVE-2018-1130 - Vulncode-DB

CVE-2018-1130 (NVD)

2018-05-10

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

Products	Ubuntu_linux, Debian_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation
Type	NULL Pointer Dereference (CWE-476)
First patch	- None (likely due to unavailable code)
Links	• https://marc.info/?l=linux-netdev&m=152036596825220&w=2 • https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html • https://access.redhat.com/errata/RHSA-2018:1854 • https://usn.ubuntu.com/3698-1/ • https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html More/Less (13) • https://usn.ubuntu.com/3698-2/ • https://syzkaller.appspot.com/bug?id=833568de043e0909b2aeaef7be136db39d21ba94 • https://usn.ubuntu.com/3656-1/ • https://usn.ubuntu.com/3654-2/ • https://usn.ubuntu.com/3654-1/ • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f93df79aeefc3add4e4b31a752600f834236e2 • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1130 • https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html • https://usn.ubuntu.com/3697-2/ • https://access.redhat.com/errata/RHSA-2018:3083 • https://usn.ubuntu.com/3697-1/ • https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html • https://access.redhat.com/errata/RHSA-2018:3096