If a victim has a directory/file path with the vulnerable extension, then a remote attacker can exploit this to cause a denial of service.
A use-after-free flaw was found in the Linux kernel’s monitoring of file system events. On systems with the CONFIG_VMD=m option set, a local attacker could use this flaw to dereference already freed memory and thus cause a denial of service.
A memory leak in the Linux kernel was found when handling incoming network packets. On systems with limited memory, incoming network packets could be silently consumed by the kernel. As a result, the system became unresponsive after some time.
A memory leak in the IPv6 code was discovered. On systems with limited resources, this could result in the consumption of significant resources by the IPv6 code.
A flaw was found in the Linux kernel’s handling of ‘epoll’ events. A remote attacker could use this flaw to cause a denial of service.
If a victim has a directory/file path with the vulnerable extension, then a remote attacker can exploit this to cause a denial of service. - CVE-2018-18334: A flaw was found in the Linux kernel’s Integrity Response (IRQ) handling for EXT4 file systems. A local user could use this flaw to cause a denial of service. - CVE-2018-18336: A race condition was found in the Linux kernel’s protocol
References !−
CVE-2018-18334: A flaw was found in the Linux kernel’s Integrity Response (IRQ) handling for EXT4 file systems. A local user could use this flaw to cause a denial of service. - https://www.exploit-db.com/exploits/44624/ !−
CVE-2018-18336: A race condition was found in the Linux kernel’s protocol handling for 6to4 sockets, a local user could use this flaw to cause a denial of service.- https://www.exploit-db.com/exploits/44625/
Linux Kernel version information disclosure
A flaw was found in the Linux kernel’s handling of ‘epoll’ events. A remote attacker could use this flaw to cause a denial of service.
The Linux kernel version 2.6.32-754.2 contained an information leak bug in the handling of /proc/kcore, which could allow a local user to obtain sensitive information from the kernel’s core file by reading it during an audit.
- CVE-2018-18297: A flaw was found in the Linux kernel’s handling of device hotplug operations
Linux OS configuration changes to mitigate risk of exploitation
The following configuration changes can mitigate the risk of exploitation:
- Remove CONFIG_VMD option from the kernel configuration.
- If the Linux OS is configured to use a large number of CPU cores, then run with a smaller number of CPU cores.
- If possible, disable the use of TCP and UDP sockets on unprivileged ports.
Linux Kernel 4.x
The Linux kernel is a monolithic Unix-like computer operating system kernel. It is the core of all Linux systems, and it handles low-level hardware access, memory allocation, process scheduling, etc.
References: http://www.securityfocus.com/bid/101932
A memory leak in the Linux kernel was found when handling incoming network packets. On systems with limited memory, incoming network packets could be silently consumed by the kernel. As a result, the system became unresponsive after some time. - CVE-2018-18333: A flaw was found in the ebtables code in the Linux kernel before 4.14-rc5. A local user could use this flaw to cause a denial of service (kernel oops).
If a victim has a directory/file path with the vulnerable extension, then a remote attacker can exploit this to cause a denial of service.
Timeline
Published on: 08/29/2022 15:15:00 UTC
Last modified on: 11/21/2022 19:46:00 UTC
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2070205
- https://access.redhat.com/security/cve/CVE-2022-1184
- https://ubuntu.com/security/CVE-2022-1184
- https://www.debian.org/security/2022/dsa-5257
- https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1184