VDB
ALINUX2-SA-2019%3A0101
ALINUX2-SA-2019%3A0101
PUBLISHED
CVSS 7.099999904632568 HIGH
Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities: CVE-2018-5383: Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
Risk Scores
CVSS 3.0
7.099999904632568
CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alibaba Cloud | linux-firmware |
Timeline
- Oct 22, 2019 CVE Published
- Oct 22, 2019 CVE Updated