Vulnerability CVE-2018-6554: Information

Description

Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.

Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-6554
Published: Sept. 4, 2018
Modified: Oct. 10, 2019
Error type identifier: CWE-772

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
kernel-image-mpsisyphus4.17.4-alt16.8.4-alt1ALT-PU-2018-1976-1209498Fixed
kernel-image-mpp104.17.4-alt16.1.19-alt1ALT-PU-2018-1976-1209498Fixed
kernel-image-mpp94.17.4-alt15.12.16-alt1ALT-PU-2018-1976-1209498Fixed
kernel-image-mpc9f24.17.4-alt15.7.16-alt1ALT-PU-2018-1976-1209498Fixed
kernel-image-std-defsisyphus4.14.70-alt16.1.87-alt1ALT-PU-2018-2338-1213109Fixed
kernel-image-std-defp104.14.70-alt15.10.213-alt1ALT-PU-2018-2338-1213109Fixed
kernel-image-std-defp94.14.70-alt15.4.274-alt1ALT-PU-2018-2338-1213109Fixed
kernel-image-std-defp84.9.127-alt0.M80P.14.9.337-alt0.M80P.1ALT-PU-2018-2358-1213117Fixed
kernel-image-std-defc9f24.14.70-alt15.10.214-alt0.c9f.2ALT-PU-2018-2338-1213109Fixed
kernel-image-std-defc74.4.183-alt0.M70C.14.4.277-alt0.M70C.1ALT-PU-2019-2175-1233233Fixed
kernel-image-std-paep84.4.157-alt0.M80P.14.4.159-alt0.M80P.1ALT-PU-2018-2368-1213374Fixed
kernel-image-std-paec9f24.4.156-alt14.19.72-alt1ALT-PU-2018-2337-1213116Fixed
kernel-image-un-defsisyphus4.17.4-alt16.6.28-alt1ALT-PU-2018-1971-1208675Fixed
kernel-image-un-defp104.17.4-alt16.1.85-alt1ALT-PU-2018-1971-1208675Fixed
kernel-image-un-defp94.17.4-alt15.10.215-alt1ALT-PU-2018-1971-1208675Fixed
kernel-image-un-defp84.14.70-alt0.M80P.14.19.310-alt0.M80P.1ALT-PU-2018-2357-1213115Fixed
kernel-image-un-defc10f14.17.4-alt16.1.85-alt0.c10f.1ALT-PU-2018-1971-1208675Fixed
kernel-image-un-defc9f24.17.4-alt15.10.29-alt2ALT-PU-2018-1971-1208675Fixed
kernel-image-un-defc74.9.277-alt0.M70C.14.9.277-alt0.M70C.1ALT-PU-2021-3032-1281292Fixed
usbipsisyphus5.10-alt15.10-alt1ALT-PU-2023-1798-1320453Fixed
usbipsisyphus_e2k5.10-alt15.10-alt1ALT-PU-2023-7452-1-Fixed
usbipp105.10-alt15.10-alt1ALT-PU-2023-1903-1320461Fixed
usbipp10_e2k5.10-alt15.10-alt1ALT-PU-2023-7498-1-Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
[stable] 20180904 [PATCH 1/2] irda: Fix memory leak caused by repeated binds of irda socket
  • Patch
  • Third Party Advisory
[stable] 20180904 [PATCH 1/2] irda: Fix memory leak caused by repeated binds of irda socket
  • Patch
  • Third Party Advisory
105302
  • Third Party Advisory
  • VDB Entry
DSA-4308
  • Third Party Advisory
USN-3777-2
  • Third Party Advisory
USN-3777-1
  • Third Party Advisory
USN-3776-2
  • Third Party Advisory
USN-3776-1
  • Third Party Advisory
USN-3775-2
  • Third Party Advisory
USN-3775-1
  • Third Party Advisory
[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update
  • Third Party Advisory
USN-3777-3
  • Third Party Advisory
[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update
  • Mailing List
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
      End excliding
      4.17

      Configuration 2

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

      Configuration 3

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top