Denial-of-Service Vulnerability in Linux Kernel's cipso_v4_optptr() Function

CVE-2018-10938 · HIGH Severity

CVSS v2 vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

A flaw was found in the Linux kernel, present from v4.0-rc1 through v4.13-rc4. A crafted network packet sent by a remote attacker may force the kernel into an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c, resulting in a denial of service. The flaw can only be leveraged on systems where a certain non-default configuration of an LSM (Linux Security Module) and NetLabel has been set up.
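A triage sketch for the version range and NetLabel precondition stated above, added here as an example and not taken from the advisory or the kernel project. The function names are hypothetical, and the `/boot/config-<release>` path is an assumption that holds on many distributions.

```shell
#!/bin/sh
# Added triage example, not part of the advisory. Function names are hypothetical.
# A match on a distribution kernel means "check the vendor advisory": vendors
# backport fixes without changing the upstream version number.

# version_key RELEASE: print a sortable integer for major.minor[-rcN].
# An -rcN kernel sorts before the final release of the same major.minor.
version_key() {
    re='^v\{0,1\}\([0-9][0-9]*\)\.\([0-9][0-9]*\).*'
    major=$(printf '%s\n' "$1" | sed -n "s/$re/\1/p")
    minor=$(printf '%s\n' "$1" | sed -n "s/$re/\2/p")
    [ -n "$major" ] || return 1
    rc=$(printf '%s\n' "$1" | sed -n 's/.*-rc\([0-9][0-9]*\).*/\1/p')
    [ -n "$rc" ] || rc=999   # final release or later stable update
    echo $(( major * 1000000 + minor * 1000 + rc ))
}

# in_affected_range RELEASE: 0 if within v4.0-rc1..v4.13-rc4 (range from the
# advisory), 1 if outside, 2 if the release string cannot be parsed.
in_affected_range() {
    key=$(version_key "$1") || return 2
    low=$(version_key 4.0-rc1)
    high=$(version_key 4.13-rc4)
    [ "$key" -ge "$low" ] && [ "$key" -le "$high" ]
}

# netlabel_enabled CONFIG_FILE: 0 if the kernel was built with NetLabel,
# one half of the non-default precondition the advisory names.
netlabel_enabled() {
    grep -q '^CONFIG_NETLABEL=y' "$1" 2>/dev/null
}

# triage RELEASE CONFIG_FILE: print a one-line verdict for an inventory report.
triage() {
    if ! in_affected_range "$1"; then
        echo "$1: outside v4.0-rc1..v4.13-rc4 (or unparseable)"
    elif netlabel_enabled "$2"; then
        echo "$1: in range, CONFIG_NETLABEL=y: review LSM/NetLabel setup and vendor fix status"
    else
        echo "$1: in range, CONFIG_NETLABEL=y not found in $2"
    fi
}

triage "$(uname -r)" "/boot/config-$(uname -r)"
```

The build-time check only shows that NetLabel is available; whether the LSM and NetLabel configuration the advisory refers to is actually in place still has to be confirmed on the host.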
