Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2018-14633

CVE information

Published

5 years ago

Last Modified

1 year ago

CVSSv2.0 Severity

High

CVSSv3.1 Severity

High

Impact Analysis

Share

Description

A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable..

CVSSv2.0 Score

Severity
High
Base Score
8.3/10
Exploit Score
8.6/10
Access Vector
Network
Access Complexity
Medium
Authentication Required
None
Impact Score
8.5/10
Confidentiality Impact
Partial
Availability Impact
Complete
Integrity Impact
Partial

CVSSv3.1 Score

Severity
High
Base Score
7/10
Exploit Score
2.2/10
Access Vector
Network
Access Complexity
High
Privileges Required
None
Impact Score
4.7/10
Confidentiality Impact
Low
Availability Impact
High
Integrity Impact
Low
Scope
Unchanged
User Interaction
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Yes
3.1 3.16.59
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Yes
3.17 3.18.124
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Yes
3.19 4.4.159
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Yes
4.5 4.9.130
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Yes
4.10 4.14.73
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Yes
4.15 4.18.11
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  Yes
- -
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  Yes
- -
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
  Yes
- -
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  Yes
- -
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:
  Yes
- -
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
  Yes
- -

References