UBUNTU-CVE-2018-1066

Details

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.

Affected Packages(147 packages)

linux

Ubuntu 22.04 LTS

Fixed in:

5.13.0-19.19

linux

Ubuntu 14.04 LTS

Affected versions:

3.11.0-12.193.12.0-1.33.12.0-2.53.12.0-2.73.12.0-3.83.12.0-3.93.12.0-4.103.12.0-4.123.12.0-5.133.12.0-7.15+133 more

Fixed in:

3.13.0-165.215

linux

Ubuntu 18.04 LTS

Fixed in:

4.13.0-16.19

linux

Ubuntu 16.04 LTS

Affected versions:

4.2.0-16.194.2.0-17.214.2.0-19.234.3.0-1.104.3.0-2.114.3.0-5.164.3.0-6.174.3.0-7.184.4.0-10.254.4.0-11.26+45 more

Fixed in:

4.4.0-87.110

linux

Ubuntu 24.10

Fixed in:

6.8.0-31.31

linux

Ubuntu 24.04 LTS

Fixed in:

6.5.0-9.9

linux

Ubuntu 20.04 LTS

Affected versions:

5.3.0-18.195.3.0-24.26

Fixed in:

5.4.0-9.12

linux-aws

Ubuntu 18.04 LTS

Fixed in:

4.15.0-1001.1

linux-aws

Ubuntu 20.04 LTS

Affected versions:

5.3.0-1003.35.3.0-1008.95.3.0-1009.105.3.0-1010.11

Fixed in:

5.4.0-1005.5

linux-aws

Ubuntu 22.04 LTS

Fixed in:

5.13.0-1005.6

References

REPORThttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cabfb3680f78981d26c078a26e5c748531257ebb REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=1539599 REPORThttps://github.com/torvalds/linux/commit/cabfb3680f78981d26c078a26e5c748531257ebb REPORThttps://patchwork.kernel.org/patch/10187633/REPORThttps://ubuntu.com/security/CVE-2018-1066 REPORThttps://ubuntu.com/security/notices/USN-3880-1 REPORThttps://ubuntu.com/security/notices/USN-3880-2 REPORThttps://www.cve.org/CVERecord?id=CVE-2018-1066

UBUNTU-CVE-2018-1066

Details

Affected Packages(147 packages)

References

CVSS Analysis

Related

Ecosystems(27)

Timeline