VDB

ALINUX2-SA-2019%3A0101

ALINUX2-SA-2019%3A0101 PUBLISHED CVSS 7.099999904632568 HIGH

Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities: CVE-2018-5383: Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.

Risk Scores

CVSS 3.0
7.099999904632568
CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Alibaba Cloudlinux-firmware

Timeline

  • Oct 22, 2019 CVE Published
  • Oct 22, 2019 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›