Log

CVE-2018-5188 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Several memory safety bugs have been found in Firefox before 61.0 and Thunderbird before 52.9. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could be exploited to run arbitrary code.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5188
+ https://bugzilla.mozilla.org/buglist.cgi?bug_id=1456189%2C1456975%2C1465898%2C1392739%2C1451297%2C1464063%2C1437842%2C1442722%2C1452576%2C1450688%2C1458264%2C1458270%2C1465108%2C1464829%2C1464079%2C1463494%2C1458048
Notes
CVE-2018-5205 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ When using incomplete escape codes, irssi before 1.0.6 may access data beyond the end of the string.
References
+ https://irssi.org/security/irssi_sa_2018_01.txt
+ https://github.com/irssi/irssi/commit/7a83c63701b7395ee6cc606905314318eef77971
Notes
CVE-2018-5206 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ When the channel topic is set without specifying a sender, irssi before 1.0.6 may dereference a NULL pointer.
References
+ https://irssi.org/security/irssi_sa_2018_01.txt
+ https://github.com/irssi/irssi/commit/54d453623d879ea83d0818a80bd14151192953ec
Notes
CVE-2018-5207 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ When using an incomplete variable argument, irssi before 1.0.6 may access data beyond the end of the string.
References
+ https://irssi.org/security/irssi_sa_2018_01.txt
+ https://github.com/irssi/irssi/commit/cc17837a9b326ec9100a35981348fa0f5d6316fa
Notes
CVE-2018-5208 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In Irssi before 1.0.6 a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.
References
+ https://irssi.org/security/irssi_sa_2018_01.txt
+ https://github.com/irssi/irssi/commit/2361d4b1e5d38701f35146219ceddd318ac4e645
Notes
CVE-2018-5388 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ strongSwan VPN's charon server prior to version 5.6.3 is missing a packet length check in stroke_socket.c, allowing a buffer overflow which may lead to resource exhaustion and denial of service while reading from the socket.
+ According to the vendor, an attacker must typically have local root permissions to access the socket. However, other accounts and groups such as the vpn group (if capability dropping is enabled, for example) may also have sufficient permissions, but this configuration does not appear to be the default behavior.
References
+ https://www.kb.cert.org/vuls/id/338343
+ https://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=0acd1ab4
Notes
CVE-2018-5390 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Denial of service
Description
+ A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time- and calculation-expensive calls to the tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions, which could lead to CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses.
References
+ https://www.kb.cert.org/vuls/id/962459
+ https://www.spinics.net/lists/netdev/msg514742.html
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=72cd43ba64fc172a443410ce01645895850844c8
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f4a3313d8e2ca9fd8d8f45e40a2903ba782607e7
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3d4bf93ac12003f9b8e1e2de37fe27983deebdcf
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8541b21e781a22dce52a74fef0b9bed00404a1cd
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=58152ecbbcc6a0ce7fddd5bf5f6ee535834ece0c
Notes
CVE-2018-5391 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Denial of service
Description
+ A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger the time- and calculation-expensive fragment reassembly algorithm by sending specially crafted packets, which could lead to CPU saturation and hence a denial of service on the system.
References
+ https://access.redhat.com/articles/3553061
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f
Notes
CVE-2018-5407 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Private key recovery
Description
+ A vulnerability has been found in the ECC scalar multiplication implementation of OpenSSL < 1.1.0i and <= 1.0.2p. The implementation, used in e.g. ECDSA and ECDH, has been shown to be vulnerable to a microarchitecture timing side channel attack. An attacker with sufficient access to mount local timing attacks during ECDSA signature generation could recover the private key.
References
+ https://www.openssl.org/news/secadv/20181112.txt
+ https://github.com/openssl/openssl/commit/b18162a7c9bbfb57112459a4d6631fa258fd8c0c
Notes
CVE-2018-5686 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted PDF file.
References
+ https://bugs.ghostscript.com/show_bug.cgi?id=698860
+ https://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=b70eb93f6936c03d8af52040bbca4d4a7db39079
Notes