漏洞信息详情

Linux kernel 资源管理错误漏洞

  • CNNVD编号:CNNVD-201812-780
  • 危害等级: 高危
  • CVE编号: CVE-2018-16884
  • 漏洞类型: 资源管理错误
  • 发布时间: 2018-12-19
  • 威胁类型: 远程或本地
  • 更新时间: 2020-04-15
  • 厂        商:
  • 漏洞来源: Ubuntu,Red Hat

漏洞简介

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFS41+ subsystem是其中的一个文件子系统。

Linux kernel中的NFS41+子系统的‘make bc_svc_process()’函数存在释放后重用漏洞。攻击者可利用该漏洞造成主机内核内存损坏及系统错误。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

https://patchwork.kernel.org/cover/10733767/

https://patchwork.kernel.org/patch/10733769/

参考网址

来源:UBUNTU

链接:https://usn.ubuntu.com/3980-2/

来源:UBUNTU

链接:https://usn.ubuntu.com/3932-1/

来源:UBUNTU

链接:https://usn.ubuntu.com/3980-1/

来源:UBUNTU

链接:https://usn.ubuntu.com/3981-1/

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html

来源:UBUNTU

链接:https://usn.ubuntu.com/3932-2/

来源:CONFIRM

链接:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16884

来源:UBUNTU

链接:https://usn.ubuntu.com/3981-2/

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html

来源:CONFIRM

链接:https://support.f5.com/csp/article/K21430012

来源:CONFIRM

链接:https://patchwork.kernel.org/cover/10733767/

来源:MLIST

链接:https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html

来源:BID

链接:http://www.securityfocus.com/bid/106253

来源:CONFIRM

链接:https://patchwork.kernel.org/patch/10733769/

来源:usn.ubuntu.com

链接:https://usn.ubuntu.com/3979-1/

来源:www.suse.com

链接:https://www.suse.com/support/update/announcement/2019/suse-su-20190541-1.html

来源:lists.debian.org

链接:https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html

来源:usn.ubuntu.com

链接:https://usn.ubuntu.com/3932-1/

来源:access.redhat.com

链接:https://access.redhat.com/errata/RHSA-2020:0204

来源:lists.debian.org

链接:https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/77958

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/80234

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/152938/Ubuntu-Security-Notice-USN-3981-2.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.0262/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/156058/Red-Hat-Security-Advisory-2020-0204-01.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/152377/Ubuntu-Security-Notice-USN-3932-2.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/80918

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/75034

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/76474

来源:support.lenovo.com

链接:https://support.lenovo.com/us/en/product_security/LEN-29592

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/78370

受影响实体

    暂无


补丁


漏洞信息快速查询

漏洞名称:
漏洞编号:
发布时间 从:
到:
  搜索 重置

相关漏洞

更多

数据文件