Log

CVE-2018-5186 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Several memory safety bugs have been found in Firefox before 61.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could be exploited to run arbitrary code.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5186
+ https://bugzilla.mozilla.org/buglist.cgi?bug_id=1464872%2C1463329%2C1419373%2C1412882%2C1413033%2C1444673%2C1454448%2C1453505%2C1438671
Notes
CVE-2018-5187 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Several memory safety bugs have been found in Firefox before 61.0 and Thunderbird before 60.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could be exploited to run arbitrary code.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5187
+ https://bugzilla.mozilla.org/buglist.cgi?bug_id=1461324%2C1414829%2C1395246%2C1467938%2C1461619%2C1425930%2C1438556%2C1454285%2C1459568%2C1463884
Notes
CVE-2018-5188 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Several memory safety bugs have been found in Firefox before 61.0 and Thunderbird before 52.9. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could be exploited to run arbitrary code.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-5188
+ https://bugzilla.mozilla.org/buglist.cgi?bug_id=1456189%2C1456975%2C1465898%2C1392739%2C1451297%2C1464063%2C1437842%2C1442722%2C1452576%2C1450688%2C1458264%2C1458270%2C1465108%2C1464829%2C1464079%2C1463494%2C1458048
Notes
CVE-2018-5205 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ When using incomplete escape codes, irssi before 1.0.6 may access data beyond the end of the string.
References
+ https://irssi.org/security/irssi_sa_2018_01.txt
+ https://github.com/irssi/irssi/commit/7a83c63701b7395ee6cc606905314318eef77971
Notes
CVE-2018-5206 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ When the channel topic is set without specifying a sender, irssi before 1.0.6 may dereference a NULL pointer.
References
+ https://irssi.org/security/irssi_sa_2018_01.txt
+ https://github.com/irssi/irssi/commit/54d453623d879ea83d0818a80bd14151192953ec
Notes
CVE-2018-5207 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ When using an incomplete variable argument, irssi before 1.0.6 may access data beyond the end of the string.
References
+ https://irssi.org/security/irssi_sa_2018_01.txt
+ https://github.com/irssi/irssi/commit/cc17837a9b326ec9100a35981348fa0f5d6316fa
Notes
CVE-2018-5208 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In Irssi before 1.0.6 a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.
References
+ https://irssi.org/security/irssi_sa_2018_01.txt
+ https://github.com/irssi/irssi/commit/2361d4b1e5d38701f35146219ceddd318ac4e645
Notes
CVE-2018-5388 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ strongSwan VPN's charon server prior to version 5.6.3 is missing a packet length check in stroke_socket.c, allowing a buffer overflow which may lead to resource exhaustion and denial of service while reading from the socket.
+ According to the vendor, an attacker must typically have local root permissions to access the socket. However, other accounts and groups such as the vpn group (if capability dropping in enabled, for example) may also have sufficient permissions, but this configuration does not appear to be the default behavior.
References
+ https://www.kb.cert.org/vuls/id/338343
+ https://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=0acd1ab4
Notes
CVE-2018-5390 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Denial of service
Description
+ A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses.
References
+ https://www.kb.cert.org/vuls/id/962459
+ https://www.spinics.net/lists/netdev/msg514742.html
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=72cd43ba64fc172a443410ce01645895850844c8
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f4a3313d8e2ca9fd8d8f45e40a2903ba782607e7
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3d4bf93ac12003f9b8e1e2de37fe27983deebdcf
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8541b21e781a22dce52a74fef0b9bed00404a1cd
+ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=58152ecbbcc6a0ce7fddd5bf5f6ee535834ece0c
Notes
CVE-2018-5391 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Denial of service
Description
+ A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.
References
+ https://access.redhat.com/articles/3553061
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f
Notes