Sign-up

ID

VAR-201812-0251


CVE

CVE-2018-18096


TITLE

Intel QuickAssist Technology for Linux Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-012938

DESCRIPTION

Improper memory handling in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access. Intel QuickAssist Technology for Linux Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel QuickAssist Technology for Linux is a data management technology based on the Linux platform of Intel Corporation of the United States. It is mainly used to enhance the security and compression performance of dynamic data and static data in cloud, network, big data and storage applications. A security vulnerability exists in Intel QuickAssist Technology (all versions) for Linux-based platforms. A local attacker could exploit this vulnerability to cause a denial of service

Trust: 1.71

sources: NVD: CVE-2018-18096 // JVNDB: JVNDB-2018-012938 // VULHUB: VHN-128621

AFFECTED PRODUCTS

vendor:intelmodel:quickassist technology for linuxscope: - version: -

Trust: 1.4

vendor:intelmodel:quickassist technology for linuxscope:eqversion:*

Trust: 1.0

sources: JVNDB: JVNDB-2018-012938 // CNNVD: CNNVD-201812-668 // NVD: CVE-2018-18096

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-18096
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-18096
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201812-668
value: LOW

Trust: 0.6

VULHUB: VHN-128621
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2018-18096
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-128621
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-18096
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-128621 // JVNDB: JVNDB-2018-012938 // CNNVD: CNNVD-201812-668 // NVD: CVE-2018-18096

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-128621 // JVNDB: JVNDB-2018-012938 // NVD: CVE-2018-18096

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201812-668

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201812-668

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-012938

PATCH
title:INTEL-SA-00209url:https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00211.html
Trust: 0.8
title:Intel QuickAssist Technology for Linux Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87904
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-012938 // 
            
            
            
            CNNVD: CNNVD-201812-668

EXTERNAL IDS
db:NVDid:CVE-2018-18096
Trust: 2.5
db:JVNDBid:JVNDB-2018-012938
Trust: 0.8
db:CNNVDid:CNNVD-201812-668
Trust: 0.7
db:VULHUBid:VHN-128621
Trust: 0.1
sources:
            
            
            VULHUB: VHN-128621 // 
            
            
            
            JVNDB: JVNDB-2018-012938 // 
            
            
            
            CNNVD: CNNVD-201812-668 // 
            
            
            
            NVD: CVE-2018-18096

REFERENCES
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00211.html
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18096
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-18096
Trust: 0.8
sources:
            
            
            VULHUB: VHN-128621 // 
            
            
            
            JVNDB: JVNDB-2018-012938 // 
            
            
            
            CNNVD: CNNVD-201812-668 // 
            
            
            
            NVD: CVE-2018-18096

SOURCES
db:VULHUBid:VHN-128621
db:JVNDBid:JVNDB-2018-012938
db:CNNVDid:CNNVD-201812-668
db:NVDid:CVE-2018-18096

LAST UPDATE DATE
2024-11-23T21:37:56.644000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-128621date:2019-01-04T00:00:00
db:JVNDBid:JVNDB-2018-012938date:2019-02-12T00:00:00
db:CNNVDid:CNNVD-201812-668date:2018-12-14T00:00:00
db:NVDid:CVE-2018-18096date:2024-11-21T03:55:28.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-128621date:2018-12-14T00:00:00
db:JVNDBid:JVNDB-2018-012938date:2019-02-12T00:00:00
db:CNNVDid:CNNVD-201812-668date:2018-12-14T00:00:00
db:NVDid:CVE-2018-18096date:2018-12-14T00:29:01.313