Base Score

MEDIUM5.5

CVE-2017-18216

In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.

VectorLOCAL

Published Bycve@mitre.org

Published DateMar 05, 2018, 18:29

Weakness Type (CWE):CWE-476

CVSS Metrics

Base Score

5.5

Vector String

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.0

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=853bc26a7ea39e354b9f8889ae7ad1492ffa28d2
http://www.securityfocus.com/bid/103278
https://github.com/torvalds/linux/commit/853bc26a7ea39e354b9f8889ae7ad1492ffa28d2
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
https://usn.ubuntu.com/3776-1/
https://usn.ubuntu.com/3776-2/
https://usn.ubuntu.com/3798-1/
https://usn.ubuntu.com/3798-2/
https://www.debian.org/security/2018/dsa-4187
https://www.debian.org/security/2018/dsa-4188

Base Score

MEDIUM5.5

Weakness Type (CWE):CWE-476

CVSS Metrics

Base Score

5.5

Vector String

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.0

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH