Sign-up

ID

VAR-201812-0105


CVE

CVE-2018-12206


TITLE

Intel QuickAssist Technology for Linux Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013130

DESCRIPTION

Improper configuration of hardware access in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access. Intel QuickAssist Technology for Linux Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel QuickAssist Technology for Linux is a data management technology based on the Linux platform of Intel Corporation of the United States. It is mainly used to enhance the security and compression performance of dynamic data and static data in cloud, network, big data and storage applications. A security vulnerability exists in Intel QuickAssist Technology (all versions) for Linux-based platforms. A local attacker could exploit this vulnerability to cause a denial of service

Trust: 1.71

sources: NVD: CVE-2018-12206 // JVNDB: JVNDB-2018-013130 // VULHUB: VHN-122142

AFFECTED PRODUCTS

vendor:intelmodel:quickassist technology for linuxscope:eqversion: -

Trust: 1.6

vendor:intelmodel:quickassist technology for linuxscope:ltversion:4.76

Trust: 0.8

sources: JVNDB: JVNDB-2018-013130 // CNNVD: CNNVD-201812-671 // NVD: CVE-2018-12206

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-12206
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-12206
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201812-671
value: LOW

Trust: 0.6

VULHUB: VHN-122142
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2018-12206
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-122142
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-12206
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-122142 // JVNDB: JVNDB-2018-013130 // CNNVD: CNNVD-201812-671 // NVD: CVE-2018-12206

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-122142 // JVNDB: JVNDB-2018-013130 // NVD: CVE-2018-12206

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201812-671

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201812-671

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-013130

PATCH
title:INTEL-SA-00209url:https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00211.html
Trust: 0.8
title:Intel QuickAssist Technology for Linux Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87906
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-013130 // 
            
            
            
            CNNVD: CNNVD-201812-671

EXTERNAL IDS
db:NVDid:CVE-2018-12206
Trust: 2.5
db:JVNDBid:JVNDB-2018-013130
Trust: 0.8
db:CNNVDid:CNNVD-201812-671
Trust: 0.7
db:VULHUBid:VHN-122142
Trust: 0.1
sources:
            
            
            VULHUB: VHN-122142 // 
            
            
            
            JVNDB: JVNDB-2018-013130 // 
            
            
            
            CNNVD: CNNVD-201812-671 // 
            
            
            
            NVD: CVE-2018-12206

REFERENCES
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00211.html
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12206
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-12206
Trust: 0.8
sources:
            
            
            VULHUB: VHN-122142 // 
            
            
            
            JVNDB: JVNDB-2018-013130 // 
            
            
            
            CNNVD: CNNVD-201812-671 // 
            
            
            
            NVD: CVE-2018-12206

SOURCES
db:VULHUBid:VHN-122142
db:JVNDBid:JVNDB-2018-013130
db:CNNVDid:CNNVD-201812-671
db:NVDid:CVE-2018-12206

LAST UPDATE DATE
2024-11-23T22:30:10.844000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-122142date:2019-01-04T00:00:00
db:JVNDBid:JVNDB-2018-013130date:2019-02-15T00:00:00
db:CNNVDid:CNNVD-201812-671date:2018-12-14T00:00:00
db:NVDid:CVE-2018-12206date:2024-11-21T03:44:45.197

SOURCES RELEASE DATE
db:VULHUBid:VHN-122142date:2018-12-14T00:00:00
db:JVNDBid:JVNDB-2018-013130date:2019-02-15T00:00:00
db:CNNVDid:CNNVD-201812-671date:2018-12-14T00:00:00
db:NVDid:CVE-2018-12206date:2018-12-14T00:29:00.343