DEBIAN-CVE-2018-10021

DEBIAN-CVE-2018-10021 PUBLISHED CVSS 5.5 MEDIUM

drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. NOTE: a third party disputes the relevance of this report because the failure can only occur for physically proximate attackers who unplug SAS Host Bus Adapter cables

Risk Scores

CVSS v3.0

5.5

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:14	linux	0, 0, 0
Debian:13	linux	0, 0, 0
Debian:11	linux	0, 0, 0
Debian:12	linux	0, 0, 0

Timeline

Apr 11, 2018 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2018-10021 advisory

Open in Interactive Console →