CVE-2018-1130
Publication date 10 May 2018
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.
From the Ubuntu Security Team
It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash).
Mitigation
Blacklist the dccp ipv[46] autoloading aliases by adding the following lines to /etc/modprobe.d/blacklist-dccp.conf: alias net-pf-2-proto-0-type-6 off alias net-pf-2-proto-33-type-6 off alias net-pf-10-proto-0-type-6 off alias net-pf-10-proto-33-type-6 off
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.4.0-127.153
|
|
14.04 LTS trusty |
Fixed 3.13.0-153.203
|
|
linux-aws | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.4.0-1060.69
|
|
14.04 LTS trusty |
Fixed 4.4.0-1022.22
|
|
linux-azure | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.15.0-1013.13~16.04.2
|
|
14.04 LTS trusty |
Not affected
|
|
linux-euclid | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-flo | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-gcp | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.15.0-1014.14~16.04.1
|
|
14.04 LTS trusty | Not in release | |
linux-gke | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-goldfish | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-grouper | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-hwe | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.15.0-24.26~16.04.1
|
|
14.04 LTS trusty | Not in release | |
linux-hwe-edge | 18.04 LTS bionic |
Fixed 4.18.0-8.9~18.04.1
|
16.04 LTS xenial |
Fixed 4.15.0-24.26~16.04.1
|
|
14.04 LTS trusty | Not in release | |
linux-kvm | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.4.0-1026.31
|
|
14.04 LTS trusty | Not in release | |
linux-lts-trusty | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-utopic | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-vivid | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-wily | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-lts-xenial | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty |
Fixed 4.4.0-127.153~14.04.1
|
|
linux-maguro | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-mako | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Ignored | |
14.04 LTS trusty | Not in release | |
linux-manta | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
linux-oem | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.13.0-1031.35
|
|
14.04 LTS trusty | Not in release | |
linux-raspi2 | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.4.0-1090.98
|
|
14.04 LTS trusty | Not in release | |
linux-snapdragon | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Fixed 4.4.0-1093.98
|
|
14.04 LTS trusty | Not in release |
Notes
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.5 · Medium |
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | None |
Availability impact | High |
Vector | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-3654-2
- Linux kernel (Xenial HWE) vulnerabilities
- 22 May 2018
- USN-3698-2
- Linux kernel (Trusty HWE) vulnerabilities
- 2 July 2018
- USN-3654-1
- Linux kernel vulnerabilities
- 22 May 2018
- USN-3656-1
- Linux kernel (Raspberry Pi 2, Snapdragon) vulnerabilities
- 22 May 2018
- USN-3697-1
- Linux kernel vulnerabilities
- 2 July 2018
- USN-3698-1
- Linux kernel vulnerabilities
- 2 July 2018
- USN-3697-2
- Linux kernel (OEM) vulnerabilities
- 2 July 2018
Other references
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1130
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f93df79aeefc3add4e4b31a752600f834236e2
- https://marc.info/?l=linux-netdev&m=152036596825220&w=2
- https://syzkaller.appspot.com/bug?id=833568de043e0909b2aeaef7be136db39d21ba94
- https://www.cve.org/CVERecord?id=CVE-2018-1130