CVE-2018-7995 (Medium) detected in linuxv3.10 #199
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2018-7995 - Medium Severity Vulnerability
Linux kernel source tree
Library home page: https://github.com/torvalds/linux.git
Found in HEAD commit: f978d7dbb980bbe5267a625da958c4226e1a8ae0
Found in base branch: cosmic-experimental-1.6
** DISPUTED ** Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck directory. NOTE: a third party has indicated that this report is not security relevant.
Publish Date: 2018-03-09
URL: CVE-2018-7995
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7995
Release Date: 2018-03-09
Fix Resolution: v4.16-rc5
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: