Vulnerability Details : CVE-2018-14633
A security flaw was found in the chap_server_compute_md5() function in the iSCSI target code in the Linux kernel, in the way an authentication request from an iSCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on the compiler, compile flags and hardware architecture), an attack may lead to a system crash and thus to a denial of service, or possibly to unauthorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable.
Vulnerability category: Overflow, Memory Corruption, Gain privilege, Denial of service
Products affected by CVE-2018-14633
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Threat overview for CVE-2018-14633
Top open port discovered on systems with this issue: 49152
IPs affected by CVE-2018-14633: 26,373
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2018-14633
7.84%: probability of exploitation activity in the next 30 days
~91%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-14633
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
8.3 | HIGH | AV:N/AC:M/Au:N/C:P/I:P/A:C | 8.6 | 8.5 | NIST | |
7.0 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H | 2.2 | 4.7 | Red Hat, Inc. | |
7.0 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H | 2.2 | 4.7 | NIST | |
CWE ids for CVE-2018-14633
- A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). Assigned by: secalert@redhat.com (Primary)
- The product writes data past the end, or before the beginning, of the intended buffer. Assigned by: nvd@nist.gov (Secondary)
References for CVE-2018-14633
- https://access.redhat.com/errata/RHSA-2018:3666
  RHSA-2018:3666 - Security Advisory - Red Hat Customer Portal. Tags: Third Party Advisory
- http://www.securityfocus.com/bid/105388
  Linux Kernel 'chap_server_compute_md5()' Function Stack Buffer Overflow Vulnerability. Tags: Third Party Advisory; VDB Entry
- https://www.debian.org/security/2018/dsa-4308
  Debian -- Security Information -- DSA-4308-1 linux. Tags: Third Party Advisory
- https://usn.ubuntu.com/3775-1/
  USN-3775-1: Linux kernel vulnerabilities | Ubuntu security notices. Tags: Third Party Advisory
- https://usn.ubuntu.com/3777-3/
  USN-3777-3: Linux kernel (Azure) vulnerabilities | Ubuntu security notices. Tags: Third Party Advisory
- https://usn.ubuntu.com/3779-1/
  USN-3779-1: Linux kernel vulnerabilities | Ubuntu security notices. Tags: Third Party Advisory
- https://seclists.org/oss-sec/2018/q3/270
  oss-sec: CVE-2018-14633: Linux kernel: security flaw in iscsi target code. Tags: Mailing List; Third Party Advisory
- https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=8c39e2699f8acb2e29782a834e56306da24937fe
  kernel/git/mkp/scsi.git - SCSI. Tags: Patch; Vendor Advisory
- https://usn.ubuntu.com/3777-2/
  USN-3777-2: Linux kernel (HWE) vulnerabilities | Ubuntu security notices. Tags: Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html
  [SECURITY] [DLA 1531-1] linux-4.9 security update. Tags: Mailing List; Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:1946
  RHSA-2019:1946 - Security Advisory - Red Hat Customer Portal. Tags: Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14633
  1626035 – (CVE-2018-14633) CVE-2018-14633 kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target. Tags: Issue Tracking; Patch; Third Party Advisory
- https://usn.ubuntu.com/3776-1/
  USN-3776-1: Linux kernel vulnerabilities | Ubuntu security notices. Tags: Third Party Advisory
- https://usn.ubuntu.com/3777-1/
  USN-3777-1: Linux kernel vulnerabilities | Ubuntu security notices. Tags: Third Party Advisory
- https://usn.ubuntu.com/3776-2/
  USN-3776-2: Linux kernel (Xenial HWE) vulnerabilities | Ubuntu security notices. Tags: Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3651
  RHSA-2018:3651 - Security Advisory - Red Hat Customer Portal. Tags: Third Party Advisory
- https://usn.ubuntu.com/3775-2/
  USN-3775-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security notices. Tags: Third Party Advisory
- https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=1816494330a83f2a064499d8ed2797045641f92c
  kernel/git/mkp/scsi.git - SCSI. Tags: Patch; Vendor Advisory