VDB
CVE-2018-7191
CVE-2018-7191
PUBLISHED
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.
EPSS 0.07% · 22.5th percentile
Risk Scores
EPSS Score
0.07%
22.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:14.04:LTS | linux-azure | *, *, * |
| Ubuntu:Pro:16.04:LTS | linux-azure | 0, 4.15.0-1188.203~16.04.1, 4.15.0-1187.202~16.04.1 |
| Ubuntu:Pro:20.04:LTS | linux-oracle | 5.4.0-1126.135, 5.4.0-1022.22, 5.4.0-1107.116 |
| Ubuntu:Pro:16.04:LTS | linux | 4.2.0-16.19, 4.4.0-173.203, 4.4.0-124.148 |
| Ubuntu:Pro:18.04:LTS | linux-azure-5.4 | 5.4.0-1095.101~18.04.1, 5.4.0-1100.106~18.04.1, 5.4.0-1101.107~18.04.1 |
| Ubuntu:Pro:20.04:LTS | linux-raspi | 5.4.0-1033.36, 5.4.0-1096.107, 5.4.0-1095.106 |
| Ubuntu:Pro:16.04:LTS | linux-aws | 4.4.0-1173.188, 4.4.0-1126.140, 4.4.0-1168.183 |
| Ubuntu:Pro:20.04:LTS | linux-bluefield | 5.4.0-1066.72, 0, 5.4.0-1007.10 |
| Ubuntu:Pro:FIPS:18.04:LTS | linux-fips | 4.15.0-1011.12, 0 |
| Ubuntu:Pro:20.04:LTS | linux | 5.4.0-72.80, 5.4.0-71.79, 5.4.0-70.78 |
| Ubuntu:Pro:18.04:LTS | linux-aws-5.4 | 5.4.0-1123.133~18.04.1, 5.4.0-1122.132~18.04.1, 5.4.0-1121.131~18.04.1 |
| Ubuntu:Pro:FIPS-updates:20.04:LTS | linux-azure-fips | 5.4.0-1095.101+fips1, 5.4.0-1100.106+fips1, 5.4.0-1098.104+fips1 |
| Ubuntu:20.04:LTS | linux-gke | 5.4.0-1051.54, 5.4.0-1041.43, 5.4.0-1046.48 |
| Ubuntu:Pro:20.04:LTS | linux-xilinx-zynqmp | 5.4.0-1023.27, 5.4.0-1052.56, 5.4.0-1027.31 |
| Ubuntu:20.04:LTS | linux-raspi2 | 5.3.0-1014.16, 5.3.0-1015.17, 5.3.0-1017.19 |
| Ubuntu:20.04:LTS | linux-gkeop-5.15 | 5.15.0-1015.19~20.04.1, 5.15.0-1008.12~20.04.1, 5.15.0-1007.10~20.04.1 |
| Ubuntu:Pro:FIPS-updates:20.04:LTS | linux-aws-fips | 5.4.0-1148.158+fips1, *, * |
| Ubuntu:Pro:FIPS-updates:18.04:LTS | linux-aws-fips | 4.15.0-2034.35, 4.15.0-2035.37, 0 |
| Ubuntu:Pro:FIPS:20.04:LTS | linux-aws-fips | 0, 5.4.0-1021.21+fips2 |
| Ubuntu:Pro:18.04:LTS | linux-oracle | 4.15.0-1015.17, 4.15.0-1013.15, 4.15.0-1142.153 |
…and 45 more
Exploit Intelligence
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1743792 (nist-nvd)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
Timeline
- May 17, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2018-7191 third-party-advisory
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1743792 third-party-advisory
- https://git.kernel.org/linus/0ad646c81b2182f7fa67ec0c8c825e0ee165696d third-party-advisory
- https://git.kernel.org/linus/5c25f65fd1e42685f7ccd80e0621829c105785d9 third-party-advisory
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748846 third-party-advisory
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.14 third-party-advisory
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ad646c81b2182f7fa67ec0c8c825e0ee165696d third-party-advisory
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c25f65fd1e42685f7ccd80e0621829c105785d9 third-party-advisory
- https://github.com/torvalds/linux/commit/0ad646c81b2182f7fa67ec0c8c825e0ee165696d third-party-advisory
- https://github.com/torvalds/linux/commit/5c25f65fd1e42685f7ccd80e0621829c105785d9 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2018-7191 third-party-advisory